spark-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Marcelo Vanzin (JIRA)" <j...@apache.org>
Subject [jira] [Comment Edited] (SPARK-2750) Add Https support for Web UI
Date Thu, 16 Oct 2014 17:36:33 GMT

    [ https://issues.apache.org/jira/browse/SPARK-2750?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14174003#comment-14174003
] 

Marcelo Vanzin edited comment on SPARK-2750 at 10/16/14 5:35 PM:
-----------------------------------------------------------------

FYI, any PR here should make sure the default configuration is safe against the "POODLE" attack
(https://access.redhat.com/security/cve/CVE-2014-3566). Here's something for Jetty:

http://stackoverflow.com/questions/26382540/how-to-disable-the-sslv3-protocol-in-jetty-to-prevent-poodle-attack


was (Author: vanzin):
FYI, any PR here should make sure the default configuration is save against the "POODLE" attack
(https://access.redhat.com/security/cve/CVE-2014-3566). Here's something for Jetty:

http://stackoverflow.com/questions/26382540/how-to-disable-the-sslv3-protocol-in-jetty-to-prevent-poodle-attack

> Add Https support for Web UI
> ----------------------------
>
>                 Key: SPARK-2750
>                 URL: https://issues.apache.org/jira/browse/SPARK-2750
>             Project: Spark
>          Issue Type: New Feature
>          Components: Web UI
>            Reporter: WangTaoTheTonic
>              Labels: https, ssl, webui
>             Fix For: 1.0.3
>
>   Original Estimate: 96h
>  Remaining Estimate: 96h
>
> Now I try to add https support for web ui using Jetty ssl integration.Below is the plan:
> 1.Web UI include Master UI, Worker UI, HistoryServer UI and Spark Ui. User can switch
between https and http by configure "spark.http.policy" in JVM property for each process,
while choose http by default.
> 2.Web port of Master and worker would be decided in order of launch arguments, JVM property,
System Env and default port.
> 3.Below is some other configuration items:
> spark.ssl.server.keystore.location The file or URL of the SSL Key store
> spark.ssl.server.keystore.password  The password for the key store
> spark.ssl.server.keystore.keypassword The password (if any) for the specific key within
the key store
> spark.ssl.server.keystore.type The type of the key store (default "JKS")
> spark.client.https.need-auth True if SSL needs client authentication
> spark.ssl.server.truststore.location The file name or URL of the trust store location
> spark.ssl.server.truststore.password The password for the trust store
> spark.ssl.server.truststore.type The type of the trust store (default "JKS")
> Any feedback is welcome!



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@spark.apache.org
For additional commands, e-mail: issues-help@spark.apache.org


Mime
View raw message