You are viewing a plain text version of this content. The canonical link for it is here.

Posted to yarn-issues@hadoop.apache.org by "Eric Yang (JIRA)" <ji...@apache.org> on 2018/10/24 22:25:00 UTC

[jira] [Resolved] (YARN-8790) Authentication Filter change to force security check

     [ https://issues.apache.org/jira/browse/YARN-8790?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Eric Yang resolved YARN-8790.
-----------------------------
    Resolution: Done

There is no code change required to enable Kerberos authentication with web socket.  The test is sufficient to show this is completed.

> Authentication Filter change to force security check 
> -----------------------------------------------------
>
>                 Key: YARN-8790
>                 URL: https://issues.apache.org/jira/browse/YARN-8790
>             Project: Hadoop YARN
>          Issue Type: Sub-task
>            Reporter: Zian Chen
>            Assignee: Eric Yang
>            Priority: Major
>              Labels: Docker
>
> Hadoop node manager REST API is authenticated using AuthenticationFilter from Hadoop-auth project. AuthenticationFilter is added to the new WebSocket URL path spec. The requested remote user is verified to match the container owner to allow WebSocket connection to be established. WebSocket servlet code enforces the username match check.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: yarn-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: yarn-issues-help@hadoop.apache.org