Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-10648 Service Authorization Improvements
  3. HADOOP-10651

Add ability to restrict service access using IP addresses and hostnames

    Details

    • Type: Sub-task
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 2.5.0
    • Fix Version/s: 2.7.0
    • Component/s: security
    • Labels:
      None
    • Hadoop Flags:
      Reviewed

      Description

      In some use cases, it make sense to authorize the usage of some services only from specific hosts. Just like ACLS for Service Authorization , there can be a list of hosts for each service and this list can be checked during authorization.

      Similar to ACLS, there can be a whitelist of ip and blacklist of ips. The default whitelist will be * and default blacklist will be empty. It should be possible to override the default whitelist and default blacklist. It should be possible to define whitelist and blacklist per service.
      It should be possible to define ip ranges in blacklists and whitelists

        Attachments

        1. HADOOP-10651.patch
          16 kB
          Benoy Antony
        2. HADOOP-10651.patch
          16 kB
          Benoy Antony
        3. HADOOP-10651.patch
          21 kB
          Benoy Antony

          Issue Links

            Activity

              People

              • Assignee:
                benoyantony Benoy Antony
                Reporter:
                benoyantony Benoy Antony
              • Votes:
                0 Vote for this issue
                Watchers:
                9 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: