You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-user@hadoop.apache.org by "Bogdan M. Maryniuk" <bo...@gmail.com> on 2009/10/18 17:50:09 UTC
HTTP secure access
Hi!
Well, I have a kinda simple question, but I can not spot a proper doc
for it: how you, guys, restricting access to the web interfaces? :-)
It is somewhere in jetty or there is no feature like this? I am OK
with a simple basic authentication, but I don't really like when
others are staring at logs that are easily accessible through the web
within the same network...
--
Kind regards, BM
Things, that are stupid at the beginning, rarely ends up wisely.
Re: HTTP secure access
Posted by "Bogdan M. Maryniuk" <bo...@gmail.com>.
On Wed, Oct 21, 2009 at 2:57 AM, Jakob Homan <jh...@yahoo-inc.com> wrote:
> try here: http://www.cloudera.com/hadoop-world-nyc) this is included in the
> current security effort.
Hi, Jakob.
Thanks for the answer :-) Very interesting.
> You can certainly disable access to the web
> interfaces via network routing tricks in the meantime.
Well, that's what I thought... But what if I was missing something.
Well, http://opensolaris.org/os/project/crossbow/ to the rescue then.
Thanks again!
--
Kind regards, BM
Things, that are stupid at the beginning, rarely ends up wisely.
Re: HTTP secure access
Posted by Jakob Homan <jh...@yahoo-inc.com>.
Bogdan-
Currently there is no security provided for accessing web pages,
although as detailed in Owen's recent presentation
(http://www.cloudera.com/sites/all/themes/cloudera/static/hw09/2 - 2-00
Owen OMalley, Yahoo, securitycompatability.pdf -uhm what an odd url -
try here: http://www.cloudera.com/hadoop-world-nyc) this is included in
the current security effort. You can certainly disable access to the
web interfaces via network routing tricks in the meantime.
Jakob
Bogdan M. Maryniuk wrote:
> Hi!
> Well, I have a kinda simple question, but I can not spot a proper doc
> for it: how you, guys, restricting access to the web interfaces? :-)
>
> It is somewhere in jetty or there is no feature like this? I am OK
> with a simple basic authentication, but I don't really like when
> others are staring at logs that are easily accessible through the web
> within the same network...
>