Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-4284

Support for user configurable global filters on HttpServer


    • Type: New Feature
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 0.20.0
    • Fix Version/s: 0.20.0
    • Component/s: security
    • Labels:
    • Hadoop Flags:
    • Release Note:
      Introduced HttpServer method to support global filters.


      HADOOP-3854 introduced a framework for adding filters to filter browser facing urls. Sometimes, there is a need to filter all urls. For example, at Yahoo, we need to open an SSL port on the HttpServer and only accept hsftp requests from clients who can authenticate themselves using client certificate and is authorized according to certain policy file. For this to happen, we need a method to add a user configurable "global" filter, which filters on all client requests. For our purposes, such a global filter will block all https requests except those accessing the hsftp interface (it will let all http requests go through, so accesses through the normal http ports are unaffected). Moreover, those hsftp requests will be subject to further authorization checking according to the policy file.


        1. 4284_20080925_78.patch
          40 kB
          Kan Zhang
        2. 4284_20080926_79.patch
          40 kB
          Kan Zhang
        3. 4284_20080929_83.patch
          42 kB
          Kan Zhang
        4. 4284_20081007_85.patch
          42 kB
          Kan Zhang
        5. 4284_20081016_93.patch
          31 kB
          Kan Zhang
        6. 4284_20081016_94.patch
          31 kB
          Kan Zhang
        7. 4284_20081016_96.patch
          31 kB
          Kan Zhang
        8. 4284-7.patch
          13 kB
          Chris Douglas

          Issue Links



              • Assignee:
                kzhang Kan Zhang
                kzhang Kan Zhang
              • Votes:
                0 Vote for this issue
                6 Start watching this issue


                • Created: