HADOOP-14047 makes KMS call HttpServer2#setACL. Access control works fine for /conf, /jmx, /logLevel, and /stacks, but not for /logs.
The code in AdminAuthorizedServlet#doGet for /logs and ConfServlet#doGet for /conf are quite similar. This makes me believe that /logs should subject to the same access control as intended by the original developer.
IMHO this could either be my misconfiguration or there is a bug somewhere in HttpServer2.
- is related to
-
HADOOP-13119 Add ability to secure log servlet using proxy users
-
- Resolved
-
-
HADOOP-14077 Improve the patch of HADOOP-13119
-
- Resolved
-
- relates to
-
HADOOP-14047 Require admin to access KMS instrumentation servlets
-
- Resolved
-
-
HDFS-10860 Switch HttpFS from Tomcat to Jetty
-
- Resolved
-