Return-Path: Delivered-To: apmail-hadoop-mapreduce-issues-archive@minotaur.apache.org Received: (qmail 98895 invoked from network); 22 Feb 2010 10:04:51 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 22 Feb 2010 10:04:51 -0000 Received: (qmail 3667 invoked by uid 500); 22 Feb 2010 10:04:51 -0000 Delivered-To: apmail-hadoop-mapreduce-issues-archive@hadoop.apache.org Received: (qmail 3593 invoked by uid 500); 22 Feb 2010 10:04:50 -0000 Mailing-List: contact mapreduce-issues-help@hadoop.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: mapreduce-issues@hadoop.apache.org Delivered-To: mailing list mapreduce-issues@hadoop.apache.org Received: (qmail 3583 invoked by uid 99); 22 Feb 2010 10:04:50 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 22 Feb 2010 10:04:50 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.140] (HELO brutus.apache.org) (140.211.11.140) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 22 Feb 2010 10:04:49 +0000 Received: from brutus.apache.org (localhost [127.0.0.1]) by brutus.apache.org (Postfix) with ESMTP id 3656429A0015 for ; Mon, 22 Feb 2010 02:04:28 -0800 (PST) Message-ID: <1871165382.428931266833068221.JavaMail.jira@brutus.apache.org> Date: Mon, 22 Feb 2010 10:04:28 +0000 (UTC) From: "Vinod K V (JIRA)" To: mapreduce-issues@hadoop.apache.org Subject: [jira] Commented: (MAPREDUCE-1455) Authorization for servlets In-Reply-To: <663344622.28361265262030144.JavaMail.jira@brutus.apache.org> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 X-Virus-Checked: Checked by ClamAV on apache.org [ https://issues.apache.org/jira/browse/MAPREDUCE-1455?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12836564#action_12836564 ] Vinod K V commented on MAPREDUCE-1455: -------------------------------------- > What about the configuration webinterface.private.actions? >>> We need to think of this more and decide. Let's open a new issue. > The variable 'conf' should actually be removed >>> So would it be better to handle this in MAPREDUCE-1493 as that is using getJobInfo() and in turn this "conf" variable ? +1 > Make it something like JSPUtil.checkAccessAndDoOperation(JobOperation). >>> Hmm. This may make the method checkAccessAndDoOperation() complex OK. We'll leave it as is. > Authorization for servlets > -------------------------- > > Key: MAPREDUCE-1455 > URL: https://issues.apache.org/jira/browse/MAPREDUCE-1455 > Project: Hadoop Map/Reduce > Issue Type: Sub-task > Components: jobtracker, security, tasktracker > Reporter: Devaraj Das > Assignee: Ravi Gummadi > Fix For: 0.22.0 > > Attachments: 1455.patch, 1455.v1.patch > > > This jira is about building the authorization for servlets (on top of MAPREDUCE-1307). That is, the JobTracker/TaskTracker runs authorization checks on web requests based on the configured job permissions. For e.g., if the job permission is 600, then no one except the authenticated user can look at the job details via the browser. The authenticated user in the servlet can be obtained using the HttpServletRequest method. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.