You are viewing a plain text version of this content. The canonical link for it is here.

Posted to common-issues@hadoop.apache.org by "Allen Wittenauer (JIRA)" <ji...@apache.org> on 2015/05/06 05:32:27 UTC

[jira] [Updated] (HADOOP-10679) Authorize webui access using ServiceAuthorizationManager

     [ https://issues.apache.org/jira/browse/HADOOP-10679?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Allen Wittenauer updated HADOOP-10679:
--------------------------------------
    Labels: BB2015-05-TBR  (was: )

> Authorize webui access using ServiceAuthorizationManager
> --------------------------------------------------------
>
>                 Key: HADOOP-10679
>                 URL: https://issues.apache.org/jira/browse/HADOOP-10679
>             Project: Hadoop Common
>          Issue Type: Sub-task
>          Components: security
>            Reporter: Benoy Antony
>            Assignee: Benoy Antony
>              Labels: BB2015-05-TBR
>         Attachments: HADOOP-10679.patch, HADOOP-10679.patch, hadoop-10679.pdf
>
>
> Currently accessing Hadoop via RPC can be authorized using _ServiceAuthorizationManager_. But there is no uniform authorization of the HTTP access. Some of the servlets check for admin privilege. 
> This creates an inconsistency of authorization between access via RPC vs HTTP. 
> The fix is to enable authorization of the webui access also using _ServiceAuthorizationManager_. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)