Details

    • Type: Sub-task Sub-task
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 0.21.0
    • Component/s: security
    • Labels:
      None
    • Hadoop Flags:
      Reviewed
    • Release Note:
      Hide
      Added web-authorization for the default servlets - /logs, /stacks, /logLevel, /metrics, /conf, so that only cluster administrators can access these servlets. hadoop.cluster.administrators is the new configuration in core-default.xml that can be used to specify the ACL against which an authenticated user should be verified if he/she is an administrator.
      Show
      Added web-authorization for the default servlets - /logs, /stacks, /logLevel, /metrics, /conf, so that only cluster administrators can access these servlets. hadoop.cluster.administrators is the new configuration in core-default.xml that can be used to specify the ACL against which an authenticated user should be verified if he/she is an administrator.

      Description

      We have the following default servlets: /logs, /static, /stacks, /logLevel, /metrics, /conf. Barring "/static", rest of the servlets provide information that is only for administrators. In the context of security for the web-servlets, we need protected access to these pages.

      1. HADOOP-6568-20100216.txt
        9 kB
        Vinod Kumar Vavilapalli
      2. HADOOP-6568-20100224.txt
        17 kB
        Vinod Kumar Vavilapalli
      3. HADOOP-6568-20100224.1.txt
        17 kB
        Vinod Kumar Vavilapalli
      4. HADOOP-6568-20100225.txt
        24 kB
        Vinod Kumar Vavilapalli
      5. HADOOP-6568-20100225.1.txt
        24 kB
        Vinod Kumar Vavilapalli
      6. HADOOP-6568-20100225.2.txt
        23 kB
        Ravi Gummadi
      7. HADOOP-6568-20100226-ydist.txt
        21 kB
        Vinod Kumar Vavilapalli
      8. HADOOP-6568-20100226.1-ydist.patch
        21 kB
        Ravi Gummadi

        Issue Links

          Activity

          Vinod Kumar Vavilapalli created issue -
          Vinod Kumar Vavilapalli made changes -
          Field Original Value New Value
          Fix Version/s 0.22.0 [ 12314296 ]
          Description We have the following default servlets: /logs, /static, /stacks, /logLevel, /metrics, /conf. Barring "/static", rest of the servlets provide information that is only for administrators. In the context of security for the web-servlets, we need protected access to these pages.
          Component/s security [ 12312526 ]
          Vinod Kumar Vavilapalli made changes -
          Link This issue relates to MAPREDUCE-1455 [ MAPREDUCE-1455 ]
          Vinod Kumar Vavilapalli made changes -
          Attachment HADOOP-6568-20100216.txt [ 12435955 ]
          Vinod Kumar Vavilapalli made changes -
          Assignee Vinod K V [ vinodkv ]
          Vinod Kumar Vavilapalli made changes -
          Attachment HADOOP-6568-20100224.txt [ 12436833 ]
          Vinod Kumar Vavilapalli made changes -
          Status Open [ 1 ] Patch Available [ 10002 ]
          Vinod Kumar Vavilapalli made changes -
          Status Patch Available [ 10002 ] Open [ 1 ]
          Vinod Kumar Vavilapalli made changes -
          Attachment HADOOP-6568-20100224.1.txt [ 12436841 ]
          Vinod Kumar Vavilapalli made changes -
          Status Open [ 1 ] Patch Available [ 10002 ]
          Vinod Kumar Vavilapalli made changes -
          Status Patch Available [ 10002 ] Open [ 1 ]
          Vinod Kumar Vavilapalli made changes -
          Attachment HADOOP-6568-20100225.txt [ 12437008 ]
          Vinod Kumar Vavilapalli made changes -
          Status Open [ 1 ] Patch Available [ 10002 ]
          Vinod Kumar Vavilapalli made changes -
          Status Patch Available [ 10002 ] Open [ 1 ]
          Vinod Kumar Vavilapalli made changes -
          Attachment HADOOP-6568-20100225.1.txt [ 12437011 ]
          Vinod Kumar Vavilapalli made changes -
          Status Open [ 1 ] Patch Available [ 10002 ]
          Ravi Gummadi made changes -
          Status Patch Available [ 10002 ] Open [ 1 ]
          Ravi Gummadi made changes -
          Attachment HADOOP-6568-20100225.2.txt [ 12437042 ]
          Ravi Gummadi made changes -
          Status Open [ 1 ] Patch Available [ 10002 ]
          Devaraj Das made changes -
          Status Patch Available [ 10002 ] Resolved [ 5 ]
          Resolution Fixed [ 1 ]
          Vinod Kumar Vavilapalli made changes -
          Attachment HADOOP-6568-20100226-ydist.txt [ 12437129 ]
          Ravi Gummadi made changes -
          Attachment HADOOP-6568-20100226.1-ydist.patch [ 12437323 ]
          Vinod Kumar Vavilapalli made changes -
          Hadoop Flags [Reviewed]
          Release Note Added web-authorization for the default servlets - /logs, /stacks, /logLevel, /metrics, /conf, so that only cluster administrators can access these servlets. hadoop.http.administrators-acl is the new configuration in core-default.xml that can be used to specify the ACL against which an authenticated user should be verified if he/she is an administrator.
          Ravi Gummadi made changes -
          Release Note Added web-authorization for the default servlets - /logs, /stacks, /logLevel, /metrics, /conf, so that only cluster administrators can access these servlets. hadoop.http.administrators-acl is the new configuration in core-default.xml that can be used to specify the ACL against which an authenticated user should be verified if he/she is an administrator. Added web-authorization for the default servlets - /logs, /stacks, /logLevel, /metrics, /conf, so that only cluster administrators can access these servlets. hadoop.cluster.administrators is the new configuration in core-default.xml that can be used to specify the ACL against which an authenticated user should be verified if he/she is an administrator.
          Tom White made changes -
          Fix Version/s 0.21.0 [ 12313563 ]
          Fix Version/s 0.22.0 [ 12314296 ]
          Tom White made changes -
          Status Resolved [ 5 ] Closed [ 6 ]

            People

            • Assignee:
              Vinod Kumar Vavilapalli
              Reporter:
              Vinod Kumar Vavilapalli
            • Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development