hadoop-yarn-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Allen Wittenauer (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (YARN-3855) If acl is enabled and http.authentication.type is simple, user cannot view the app page in default setup
Date Fri, 26 Jun 2015 01:19:04 GMT

    [ https://issues.apache.org/jira/browse/YARN-3855?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14602226#comment-14602226
] 

Allen Wittenauer commented on YARN-3855:
----------------------------------------

bq. "http.authentication.type" is 'simple' in secure mode

This is a misconfiguration, plain and simple.

> If acl is enabled and http.authentication.type is simple, user cannot view the app page
in default setup
> --------------------------------------------------------------------------------------------------------
>
>                 Key: YARN-3855
>                 URL: https://issues.apache.org/jira/browse/YARN-3855
>             Project: Hadoop YARN
>          Issue Type: Bug
>            Reporter: Jian He
>            Assignee: Jian He
>         Attachments: YARN-3855.1.patch
>
>
> If all ACLs (admin acl, queue-admin-acls etc.) are setup properly and "http.authentication.type"
is 'simple' in secure mode , user cannot view the application web page in default setup because
the incoming user is always considered as "dr.who" . User also cannot pass "user.name" to
indicate the incoming user name, because AuthenticationFilterInitializer is not enabled by
default. This is inconvenient from user's perspective. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message