You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-user@hadoop.apache.org by "Bogdan M. Maryniuk" <bo...@gmail.com> on 2009/10/18 17:50:09 UTC

HTTP secure access

Hi!
Well, I have a kinda simple question, but I can not spot a proper doc
for it: how you, guys, restricting access to the web interfaces? :-)

It is somewhere in jetty or there is no feature like this? I am OK
with a simple basic authentication, but I don't really like when
others are staring at logs that are easily accessible through the web
within the same network...

-- 
Kind regards, BM

Things, that are stupid at the beginning, rarely ends up wisely.

Re: HTTP secure access

Posted by "Bogdan M. Maryniuk" <bo...@gmail.com>.
On Wed, Oct 21, 2009 at 2:57 AM, Jakob Homan <jh...@yahoo-inc.com> wrote:
> try here: http://www.cloudera.com/hadoop-world-nyc) this is included in the
> current security effort.

Hi, Jakob.
Thanks for the answer :-) Very interesting.

> You can certainly disable access to the web
> interfaces via network routing tricks in the meantime.

Well, that's what I thought... But what if I was missing something.
Well, http://opensolaris.org/os/project/crossbow/ to the rescue then.
Thanks again!

-- 
Kind regards, BM

Things, that are stupid at the beginning, rarely ends up wisely.

Re: HTTP secure access

Posted by Jakob Homan <jh...@yahoo-inc.com>.
Bogdan-
    Currently there is no security provided for accessing web pages, 
although as detailed in Owen's recent presentation 
(http://www.cloudera.com/sites/all/themes/cloudera/static/hw09/2  - 2-00 
Owen OMalley, Yahoo, securitycompatability.pdf -uhm what an odd url - 
try here: http://www.cloudera.com/hadoop-world-nyc) this is included in 
the current security effort.  You can certainly disable access to the 
web interfaces via network routing tricks in the meantime.

Jakob


Bogdan M. Maryniuk wrote:
> Hi!
> Well, I have a kinda simple question, but I can not spot a proper doc
> for it: how you, guys, restricting access to the web interfaces? :-)
> 
> It is somewhere in jetty or there is no feature like this? I am OK
> with a simple basic authentication, but I don't really like when
> others are staring at logs that are easily accessible through the web
> within the same network...
>