hadoop-yarn-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jian He (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (YARN-3855) If acl is enabled and http.authentication.type is simple, user cannot view the app page in default setup
Date Thu, 25 Jun 2015 22:17:04 GMT

     [ https://issues.apache.org/jira/browse/YARN-3855?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Jian He updated YARN-3855:
--------------------------
    Description: If all ACLs (admin acl, queue-admin-acls etc.) are setup properly and "http.authentication.type"
is 'simple' in secure mode , user cannot view the application web page in default setup because
the incoming user is always considered as "dr.who" . User also cannot pass "user.name" to
indicate the incoming user name, because AuthenticationFilterInitializer is not enabled by
default. This is inconvenient from user's perspective.   (was: If all ACLs (admin acl, queue-admin-acls
etc.) are setup properly and "http.authentication.type" is 'simple' in secure mode , user
cannot view the application web page in default setup because the incoming user is always
considered as "dr.who" . User also cannot pass "user.name" to indicate the incoming user name,
because AuthenticationFilterInitializer is not enabled by default.)

> If acl is enabled and http.authentication.type is simple, user cannot view the app page
in default setup
> --------------------------------------------------------------------------------------------------------
>
>                 Key: YARN-3855
>                 URL: https://issues.apache.org/jira/browse/YARN-3855
>             Project: Hadoop YARN
>          Issue Type: Bug
>            Reporter: Jian He
>            Assignee: Jian He
>
> If all ACLs (admin acl, queue-admin-acls etc.) are setup properly and "http.authentication.type"
is 'simple' in secure mode , user cannot view the application web page in default setup because
the incoming user is always considered as "dr.who" . User also cannot pass "user.name" to
indicate the incoming user name, because AuthenticationFilterInitializer is not enabled by
default. This is inconvenient from user's perspective. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message