Details

    • Type: Sub-task
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 0.21.0
    • Component/s: security
    • Labels:
      None
    • Hadoop Flags:
      Reviewed
    • Release Note:
      Hide
      Added web-authorization for the default servlets - /logs, /stacks, /logLevel, /metrics, /conf, so that only cluster administrators can access these servlets. hadoop.cluster.administrators is the new configuration in core-default.xml that can be used to specify the ACL against which an authenticated user should be verified if he/she is an administrator.
      Show
      Added web-authorization for the default servlets - /logs, /stacks, /logLevel, /metrics, /conf, so that only cluster administrators can access these servlets. hadoop.cluster.administrators is the new configuration in core-default.xml that can be used to specify the ACL against which an authenticated user should be verified if he/she is an administrator.

      Description

      We have the following default servlets: /logs, /static, /stacks, /logLevel, /metrics, /conf. Barring "/static", rest of the servlets provide information that is only for administrators. In the context of security for the web-servlets, we need protected access to these pages.

        Attachments

        1. HADOOP-6568-20100216.txt
          9 kB
          Vinod Kumar Vavilapalli
        2. HADOOP-6568-20100224.1.txt
          17 kB
          Vinod Kumar Vavilapalli
        3. HADOOP-6568-20100224.txt
          17 kB
          Vinod Kumar Vavilapalli
        4. HADOOP-6568-20100225.1.txt
          24 kB
          Vinod Kumar Vavilapalli
        5. HADOOP-6568-20100225.2.txt
          23 kB
          Ravi Gummadi
        6. HADOOP-6568-20100225.txt
          24 kB
          Vinod Kumar Vavilapalli
        7. HADOOP-6568-20100226.1-ydist.patch
          21 kB
          Ravi Gummadi
        8. HADOOP-6568-20100226-ydist.txt
          21 kB
          Vinod Kumar Vavilapalli

          Issue Links

            Activity

              People

              • Assignee:
                vinodkv Vinod Kumar Vavilapalli
                Reporter:
                vinodkv Vinod Kumar Vavilapalli
              • Votes:
                0 Vote for this issue
                Watchers:
                6 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: