Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-16527

Add a whitelist of endpoints to skip Kerberos authentication

VotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

    Details

    • Type: New Feature
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 3.3.0
    • Component/s: security
    • Labels:
      None

      Description

      HADOOP-15707 added /isActive servlet for load balancers and HADOOP-16398 added /prom servlet for prometheus server. However, prometheus server and most load balancers do not support kerberos authentication. Therefore if kerberos authentication is enabled, prometheus server or load balancers cannot access to the endpoints.

      We would like to propose a whitelist of endpoints to avoid kerberos authentication.

        Attachments

          Activity

            People

            • Assignee:
              aajisaka Akira Ajisaka
              Reporter:
              aajisaka Akira Ajisaka

              Dates

              • Created:
                Updated:
                Resolved:

                Issue deployment