You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-issues@hadoop.apache.org by "Allen Wittenauer (JIRA)" <ji...@apache.org> on 2015/05/06 05:32:27 UTC
[jira] [Updated] (HADOOP-10679) Authorize webui access using
ServiceAuthorizationManager
[ https://issues.apache.org/jira/browse/HADOOP-10679?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Allen Wittenauer updated HADOOP-10679:
--------------------------------------
Labels: BB2015-05-TBR (was: )
> Authorize webui access using ServiceAuthorizationManager
> --------------------------------------------------------
>
> Key: HADOOP-10679
> URL: https://issues.apache.org/jira/browse/HADOOP-10679
> Project: Hadoop Common
> Issue Type: Sub-task
> Components: security
> Reporter: Benoy Antony
> Assignee: Benoy Antony
> Labels: BB2015-05-TBR
> Attachments: HADOOP-10679.patch, HADOOP-10679.patch, hadoop-10679.pdf
>
>
> Currently accessing Hadoop via RPC can be authorized using _ServiceAuthorizationManager_. But there is no uniform authorization of the HTTP access. Some of the servlets check for admin privilege.
> This creates an inconsistency of authorization between access via RPC vs HTTP.
> The fix is to enable authorization of the webui access also using _ServiceAuthorizationManager_.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)