Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-16527

Add a whitelist of endpoints to skip Kerberos authentication

VotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • New Feature
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • None
    • 3.3.0
    • security
    • None

    Description

      HADOOP-15707 added /isActive servlet for load balancers and HADOOP-16398 added /prom servlet for prometheus server. However, prometheus server and most load balancers do not support kerberos authentication. Therefore if kerberos authentication is enabled, prometheus server or load balancers cannot access to the endpoints.

      We would like to propose a whitelist of endpoints to avoid kerberos authentication.

      Attachments

        Activity

          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            aajisaka Akira Ajisaka
            aajisaka Akira Ajisaka
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Slack

                Issue deployment