Details

    • Type: Sub-task Sub-task
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 0.21.0
    • Component/s: security
    • Labels:
      None
    • Hadoop Flags:
      Reviewed
    • Release Note:
      Hide
      Added web-authorization for the default servlets - /logs, /stacks, /logLevel, /metrics, /conf, so that only cluster administrators can access these servlets. hadoop.cluster.administrators is the new configuration in core-default.xml that can be used to specify the ACL against which an authenticated user should be verified if he/she is an administrator.
      Show
      Added web-authorization for the default servlets - /logs, /stacks, /logLevel, /metrics, /conf, so that only cluster administrators can access these servlets. hadoop.cluster.administrators is the new configuration in core-default.xml that can be used to specify the ACL against which an authenticated user should be verified if he/she is an administrator.

      Description

      We have the following default servlets: /logs, /static, /stacks, /logLevel, /metrics, /conf. Barring "/static", rest of the servlets provide information that is only for administrators. In the context of security for the web-servlets, we need protected access to these pages.

      1. HADOOP-6568-20100216.txt
        9 kB
        Vinod Kumar Vavilapalli
      2. HADOOP-6568-20100224.txt
        17 kB
        Vinod Kumar Vavilapalli
      3. HADOOP-6568-20100224.1.txt
        17 kB
        Vinod Kumar Vavilapalli
      4. HADOOP-6568-20100225.txt
        24 kB
        Vinod Kumar Vavilapalli
      5. HADOOP-6568-20100225.1.txt
        24 kB
        Vinod Kumar Vavilapalli
      6. HADOOP-6568-20100225.2.txt
        23 kB
        Ravi Gummadi
      7. HADOOP-6568-20100226-ydist.txt
        21 kB
        Vinod Kumar Vavilapalli
      8. HADOOP-6568-20100226.1-ydist.patch
        21 kB
        Ravi Gummadi

        Issue Links

          Activity

          Vinod Kumar Vavilapalli created issue -
          Vinod Kumar Vavilapalli made changes -
          Field Original Value New Value
          Fix Version/s 0.22.0 [ 12314296 ]
          Description We have the following default servlets: /logs, /static, /stacks, /logLevel, /metrics, /conf. Barring "/static", rest of the servlets provide information that is only for administrators. In the context of security for the web-servlets, we need protected access to these pages.
          Component/s security [ 12312526 ]
          Vinod Kumar Vavilapalli made changes -
          Link This issue relates to MAPREDUCE-1455 [ MAPREDUCE-1455 ]
          Hide
          Vinod Kumar Vavilapalli added a comment -

          For the sake of authentication, we can use the framework for web-filters added by HADOOP-3854.
          Once authenticated, we can obtain the identity of the user who logged in by using the Servlet API request.getRemoteUser(). Using this and a configuration for super-users and super-groups we can authorize access to these servlets. Thoughts?

          Show
          Vinod Kumar Vavilapalli added a comment - For the sake of authentication, we can use the framework for web-filters added by HADOOP-3854 . Once authenticated, we can obtain the identity of the user who logged in by using the Servlet API request.getRemoteUser() . Using this and a configuration for super-users and super-groups we can authorize access to these servlets. Thoughts?
          Hide
          Vinod Kumar Vavilapalli added a comment -

          Here's a patch that demonstrates the proposal:

          • hadoop.http.administrators-acl is a new configuration in core-default.xml. It is the ACL against which a authenticated user will be verified. Authenticated user identity is assumed to be obtainable via request.getRemoteUser()
          • All the default servlets are modified in this patch to do the access control checks.
          • If we agree on this configuration in 'common' itself, other configuration properties can be deprecated in favour of this: dfs.permissions.superusergroup in HDFS and mapred.permissions.supergroup in MAPRED.
          Show
          Vinod Kumar Vavilapalli added a comment - Here's a patch that demonstrates the proposal: hadoop.http.administrators-acl is a new configuration in core-default.xml. It is the ACL against which a authenticated user will be verified. Authenticated user identity is assumed to be obtainable via request.getRemoteUser() All the default servlets are modified in this patch to do the access control checks. If we agree on this configuration in 'common' itself, other configuration properties can be deprecated in favour of this: dfs.permissions.superusergroup in HDFS and mapred.permissions.supergroup in MAPRED.
          Vinod Kumar Vavilapalli made changes -
          Attachment HADOOP-6568-20100216.txt [ 12435955 ]
          Vinod Kumar Vavilapalli made changes -
          Assignee Vinod K V [ vinodkv ]
          Hide
          Ravi Gummadi added a comment -

          >>If we agree on this configuration in 'common' itself, other configuration properties can be deprecated in favour of this: dfs.permissions.superusergroup in HDFS and mapred.permissions.supergroup in MAPRED.

          If we agree to this, then the config name will not be specific to http. We need to change the config name to hadoop.administrators-acls ?

          Show
          Ravi Gummadi added a comment - >>If we agree on this configuration in 'common' itself, other configuration properties can be deprecated in favour of this: dfs.permissions.superusergroup in HDFS and mapred.permissions.supergroup in MAPRED. If we agree to this, then the config name will not be specific to http. We need to change the config name to hadoop.administrators-acls ?
          Hide
          Ravi Gummadi added a comment -

          Getting an NPE from HttpServer.java:isAuthorizedAccess() when I tested the patch.
          The following line seems to be getting null into conf. Please check the same while you add testcase.
          Configuration conf =
          (Configuration) servletContext.getAttribute(CONF_CONTEXT_ATTRIBUTE);

          Show
          Ravi Gummadi added a comment - Getting an NPE from HttpServer.java:isAuthorizedAccess() when I tested the patch. The following line seems to be getting null into conf. Please check the same while you add testcase. Configuration conf = (Configuration) servletContext.getAttribute(CONF_CONTEXT_ATTRIBUTE);
          Hide
          Devaraj Das added a comment -

          Makes sense to deprecate the HDFS/MR configs in favor of a common config name that hdfs/mr can configure differently.. (we may not want to have the same superusers in hdfs/mr)

          Show
          Devaraj Das added a comment - Makes sense to deprecate the HDFS/MR configs in favor of a common config name that hdfs/mr can configure differently.. (we may not want to have the same superusers in hdfs/mr)
          Hide
          Vinod Kumar Vavilapalli added a comment -

          Looks like we have a consensus. I am attaching a patch for this issue.

          • hadoop.cluster.administrators is the ACL for specifying who the superusers/supergroups are.
          • Also added a test to verify the authorization.
          Show
          Vinod Kumar Vavilapalli added a comment - Looks like we have a consensus. I am attaching a patch for this issue. hadoop.cluster.administrators is the ACL for specifying who the superusers/supergroups are. Also added a test to verify the authorization.
          Vinod Kumar Vavilapalli made changes -
          Attachment HADOOP-6568-20100224.txt [ 12436833 ]
          Vinod Kumar Vavilapalli made changes -
          Status Open [ 1 ] Patch Available [ 10002 ]
          Hide
          Hadoop QA added a comment -

          -1 overall. Here are the results of testing the latest attachment
          http://issues.apache.org/jira/secure/attachment/12436833/HADOOP-6568-20100224.txt
          against trunk revision 915168.

          +1 @author. The patch does not contain any @author tags.

          +1 tests included. The patch appears to include 3 new or modified tests.

          +1 javadoc. The javadoc tool did not generate any warning messages.

          -1 javac. The applied patch generated 1025 javac compiler warnings (more than the trunk's current 1024 warnings).

          +1 findbugs. The patch does not introduce any new Findbugs warnings.

          +1 release audit. The applied patch does not increase the total number of release audit warnings.

          +1 core tests. The patch passed core unit tests.

          +1 contrib tests. The patch passed contrib unit tests.

          Test results: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/375/testReport/
          Findbugs warnings: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/375/artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html
          Checkstyle results: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/375/artifact/trunk/build/test/checkstyle-errors.html
          Console output: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/375/console

          This message is automatically generated.

          Show
          Hadoop QA added a comment - -1 overall. Here are the results of testing the latest attachment http://issues.apache.org/jira/secure/attachment/12436833/HADOOP-6568-20100224.txt against trunk revision 915168. +1 @author. The patch does not contain any @author tags. +1 tests included. The patch appears to include 3 new or modified tests. +1 javadoc. The javadoc tool did not generate any warning messages. -1 javac. The applied patch generated 1025 javac compiler warnings (more than the trunk's current 1024 warnings). +1 findbugs. The patch does not introduce any new Findbugs warnings. +1 release audit. The applied patch does not increase the total number of release audit warnings. +1 core tests. The patch passed core unit tests. +1 contrib tests. The patch passed contrib unit tests. Test results: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/375/testReport/ Findbugs warnings: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/375/artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html Checkstyle results: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/375/artifact/trunk/build/test/checkstyle-errors.html Console output: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/375/console This message is automatically generated.
          Vinod Kumar Vavilapalli made changes -
          Status Patch Available [ 10002 ] Open [ 1 ]
          Hide
          Vinod Kumar Vavilapalli added a comment -

          Patch fixing javac warning.

          Show
          Vinod Kumar Vavilapalli added a comment - Patch fixing javac warning.
          Vinod Kumar Vavilapalli made changes -
          Attachment HADOOP-6568-20100224.1.txt [ 12436841 ]
          Vinod Kumar Vavilapalli made changes -
          Status Open [ 1 ] Patch Available [ 10002 ]
          Hide
          Hadoop QA added a comment -

          +1 overall. Here are the results of testing the latest attachment
          http://issues.apache.org/jira/secure/attachment/12436841/HADOOP-6568-20100224.1.txt
          against trunk revision 915168.

          +1 @author. The patch does not contain any @author tags.

          +1 tests included. The patch appears to include 3 new or modified tests.

          +1 javadoc. The javadoc tool did not generate any warning messages.

          +1 javac. The applied patch does not increase the total number of javac compiler warnings.

          +1 findbugs. The patch does not introduce any new Findbugs warnings.

          +1 release audit. The applied patch does not increase the total number of release audit warnings.

          +1 core tests. The patch passed core unit tests.

          +1 contrib tests. The patch passed contrib unit tests.

          Test results: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/376/testReport/
          Findbugs warnings: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/376/artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html
          Checkstyle results: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/376/artifact/trunk/build/test/checkstyle-errors.html
          Console output: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/376/console

          This message is automatically generated.

          Show
          Hadoop QA added a comment - +1 overall. Here are the results of testing the latest attachment http://issues.apache.org/jira/secure/attachment/12436841/HADOOP-6568-20100224.1.txt against trunk revision 915168. +1 @author. The patch does not contain any @author tags. +1 tests included. The patch appears to include 3 new or modified tests. +1 javadoc. The javadoc tool did not generate any warning messages. +1 javac. The applied patch does not increase the total number of javac compiler warnings. +1 findbugs. The patch does not introduce any new Findbugs warnings. +1 release audit. The applied patch does not increase the total number of release audit warnings. +1 core tests. The patch passed core unit tests. +1 contrib tests. The patch passed contrib unit tests. Test results: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/376/testReport/ Findbugs warnings: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/376/artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html Checkstyle results: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/376/artifact/trunk/build/test/checkstyle-errors.html Console output: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/376/console This message is automatically generated.
          Hide
          Ravi Gummadi added a comment -

          Patch looks good. Verified on the web UI for access of /logs, /conf, /stacks, /metrics, and /logLevel.

          Some minor comments:

          (1) Description of config property in core-default.xml needs to be corrected.
          >>For specifying a list of users and groups the format to use is "user1,user2 group1,group". If set to '*', it allows all users/groups to modify this job.
          As this is not job-specific config, change the above to something like
          For specifying a list of users and groups the format to use is "user1,user2 group1,group2". If set to '*', it allows all users to view logs, conf, metrics, stacks, etc.

          (2) Please add some javadoc for methods in testcase.

          (3) Error message displayed when authorization fails can be improved by adding quotes for the value of adminsAclString ?
          Currently, it is like –
          User user2 is unauthorized to access this page. Only superusers/supergroup user1 group1,group2 can access this page.
          It would look better with quotes:
          User user2 is unauthorized to access this page. Only superusers/supergroup "user1 group1,group2" can access this page.

          Show
          Ravi Gummadi added a comment - Patch looks good. Verified on the web UI for access of /logs, /conf, /stacks, /metrics, and /logLevel. Some minor comments: (1) Description of config property in core-default.xml needs to be corrected. >>For specifying a list of users and groups the format to use is "user1,user2 group1,group". If set to '*', it allows all users/groups to modify this job. As this is not job-specific config, change the above to something like For specifying a list of users and groups the format to use is "user1,user2 group1,group2". If set to '*', it allows all users to view logs, conf, metrics, stacks, etc. (2) Please add some javadoc for methods in testcase. (3) Error message displayed when authorization fails can be improved by adding quotes for the value of adminsAclString ? Currently, it is like – User user2 is unauthorized to access this page. Only superusers/supergroup user1 group1,group2 can access this page. It would look better with quotes: User user2 is unauthorized to access this page. Only superusers/supergroup "user1 group1,group2" can access this page.
          Vinod Kumar Vavilapalli made changes -
          Status Patch Available [ 10002 ] Open [ 1 ]
          Hide
          Vinod Kumar Vavilapalli added a comment -

          Updated patch addressing comments.

          Show
          Vinod Kumar Vavilapalli added a comment - Updated patch addressing comments.
          Vinod Kumar Vavilapalli made changes -
          Attachment HADOOP-6568-20100225.txt [ 12437008 ]
          Vinod Kumar Vavilapalli made changes -
          Status Open [ 1 ] Patch Available [ 10002 ]
          Vinod Kumar Vavilapalli made changes -
          Status Patch Available [ 10002 ] Open [ 1 ]
          Hide
          Hadoop QA added a comment -

          +1 overall. Here are the results of testing the latest attachment
          http://issues.apache.org/jira/secure/attachment/12437008/HADOOP-6568-20100225.txt
          against trunk revision 916290.

          +1 @author. The patch does not contain any @author tags.

          +1 tests included. The patch appears to include 9 new or modified tests.

          +1 javadoc. The javadoc tool did not generate any warning messages.

          +1 javac. The applied patch does not increase the total number of javac compiler warnings.

          +1 findbugs. The patch does not introduce any new Findbugs warnings.

          +1 release audit. The applied patch does not increase the total number of release audit warnings.

          +1 core tests. The patch passed core unit tests.

          +1 contrib tests. The patch passed contrib unit tests.

          Test results: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/383/testReport/
          Findbugs warnings: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/383/artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html
          Checkstyle results: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/383/artifact/trunk/build/test/checkstyle-errors.html
          Console output: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/383/console

          This message is automatically generated.

          Show
          Hadoop QA added a comment - +1 overall. Here are the results of testing the latest attachment http://issues.apache.org/jira/secure/attachment/12437008/HADOOP-6568-20100225.txt against trunk revision 916290. +1 @author. The patch does not contain any @author tags. +1 tests included. The patch appears to include 9 new or modified tests. +1 javadoc. The javadoc tool did not generate any warning messages. +1 javac. The applied patch does not increase the total number of javac compiler warnings. +1 findbugs. The patch does not introduce any new Findbugs warnings. +1 release audit. The applied patch does not increase the total number of release audit warnings. +1 core tests. The patch passed core unit tests. +1 contrib tests. The patch passed contrib unit tests. Test results: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/383/testReport/ Findbugs warnings: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/383/artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html Checkstyle results: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/383/artifact/trunk/build/test/checkstyle-errors.html Console output: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/383/console This message is automatically generated.
          Vinod Kumar Vavilapalli made changes -
          Attachment HADOOP-6568-20100225.1.txt [ 12437011 ]
          Vinod Kumar Vavilapalli made changes -
          Status Open [ 1 ] Patch Available [ 10002 ]
          Hide
          Hadoop QA added a comment -

          +1 overall. Here are the results of testing the latest attachment
          http://issues.apache.org/jira/secure/attachment/12437011/HADOOP-6568-20100225.1.txt
          against trunk revision 916290.

          +1 @author. The patch does not contain any @author tags.

          +1 tests included. The patch appears to include 9 new or modified tests.

          +1 javadoc. The javadoc tool did not generate any warning messages.

          +1 javac. The applied patch does not increase the total number of javac compiler warnings.

          +1 findbugs. The patch does not introduce any new Findbugs warnings.

          +1 release audit. The applied patch does not increase the total number of release audit warnings.

          +1 core tests. The patch passed core unit tests.

          +1 contrib tests. The patch passed contrib unit tests.

          Test results: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/384/testReport/
          Findbugs warnings: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/384/artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html
          Checkstyle results: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/384/artifact/trunk/build/test/checkstyle-errors.html
          Console output: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/384/console

          This message is automatically generated.

          Show
          Hadoop QA added a comment - +1 overall. Here are the results of testing the latest attachment http://issues.apache.org/jira/secure/attachment/12437011/HADOOP-6568-20100225.1.txt against trunk revision 916290. +1 @author. The patch does not contain any @author tags. +1 tests included. The patch appears to include 9 new or modified tests. +1 javadoc. The javadoc tool did not generate any warning messages. +1 javac. The applied patch does not increase the total number of javac compiler warnings. +1 findbugs. The patch does not introduce any new Findbugs warnings. +1 release audit. The applied patch does not increase the total number of release audit warnings. +1 core tests. The patch passed core unit tests. +1 contrib tests. The patch passed contrib unit tests. Test results: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/384/testReport/ Findbugs warnings: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/384/artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html Checkstyle results: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/384/artifact/trunk/build/test/checkstyle-errors.html Console output: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/384/console This message is automatically generated.
          Hide
          Devaraj Das added a comment -

          +1 (i am going to commit it)

          Show
          Devaraj Das added a comment - +1 (i am going to commit it)
          Ravi Gummadi made changes -
          Status Patch Available [ 10002 ] Open [ 1 ]
          Hide
          Ravi Gummadi added a comment -

          Small change to description of config property hadoop.cluster.administrators in core-default.xml is done in this patch.
          I verified that /logs, /stacks, /conf, /metrics and /logLevel work as expected with hadoop.security.authorization set to true and false and for user existing/notExisting in hadoop.cluster.administrators.

          +1 fom my side.

          Show
          Ravi Gummadi added a comment - Small change to description of config property hadoop.cluster.administrators in core-default.xml is done in this patch. I verified that /logs, /stacks, /conf, /metrics and /logLevel work as expected with hadoop.security.authorization set to true and false and for user existing/notExisting in hadoop.cluster.administrators. +1 fom my side.
          Ravi Gummadi made changes -
          Attachment HADOOP-6568-20100225.2.txt [ 12437042 ]
          Ravi Gummadi made changes -
          Status Open [ 1 ] Patch Available [ 10002 ]
          Hide
          Hadoop QA added a comment -

          +1 overall. Here are the results of testing the latest attachment
          http://issues.apache.org/jira/secure/attachment/12437042/HADOOP-6568-20100225.2.txt
          against trunk revision 916390.

          +1 @author. The patch does not contain any @author tags.

          +1 tests included. The patch appears to include 9 new or modified tests.

          +1 javadoc. The javadoc tool did not generate any warning messages.

          +1 javac. The applied patch does not increase the total number of javac compiler warnings.

          +1 findbugs. The patch does not introduce any new Findbugs warnings.

          +1 release audit. The applied patch does not increase the total number of release audit warnings.

          +1 core tests. The patch passed core unit tests.

          +1 contrib tests. The patch passed contrib unit tests.

          Test results: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/385/testReport/
          Findbugs warnings: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/385/artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html
          Checkstyle results: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/385/artifact/trunk/build/test/checkstyle-errors.html
          Console output: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/385/console

          This message is automatically generated.

          Show
          Hadoop QA added a comment - +1 overall. Here are the results of testing the latest attachment http://issues.apache.org/jira/secure/attachment/12437042/HADOOP-6568-20100225.2.txt against trunk revision 916390. +1 @author. The patch does not contain any @author tags. +1 tests included. The patch appears to include 9 new or modified tests. +1 javadoc. The javadoc tool did not generate any warning messages. +1 javac. The applied patch does not increase the total number of javac compiler warnings. +1 findbugs. The patch does not introduce any new Findbugs warnings. +1 release audit. The applied patch does not increase the total number of release audit warnings. +1 core tests. The patch passed core unit tests. +1 contrib tests. The patch passed contrib unit tests. Test results: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/385/testReport/ Findbugs warnings: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/385/artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html Checkstyle results: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/385/artifact/trunk/build/test/checkstyle-errors.html Console output: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/385/console This message is automatically generated.
          Hide
          Devaraj Das added a comment -

          I just committed this. Thanks, Vinod!

          Show
          Devaraj Das added a comment - I just committed this. Thanks, Vinod!
          Devaraj Das made changes -
          Status Patch Available [ 10002 ] Resolved [ 5 ]
          Resolution Fixed [ 1 ]
          Hide
          Vinod Kumar Vavilapalli added a comment -

          Patch for earlier versions. Not for commit here.

          Show
          Vinod Kumar Vavilapalli added a comment - Patch for earlier versions. Not for commit here.
          Vinod Kumar Vavilapalli made changes -
          Attachment HADOOP-6568-20100226-ydist.txt [ 12437129 ]
          Hide
          Hudson added a comment -

          Integrated in Hadoop-Common-trunk #261 (See http://hudson.zones.apache.org/hudson/job/Hadoop-Common-trunk/261/)
          . Adds authorization for the default servlets. Contributed by Vinod Kumar Vavilapalli.

          Show
          Hudson added a comment - Integrated in Hadoop-Common-trunk #261 (See http://hudson.zones.apache.org/hudson/job/Hadoop-Common-trunk/261/ ) . Adds authorization for the default servlets. Contributed by Vinod Kumar Vavilapalli.
          Hide
          Ravi Gummadi added a comment -

          Attaching updated patch for earlier version. Not for commit here.

          Show
          Ravi Gummadi added a comment - Attaching updated patch for earlier version. Not for commit here.
          Ravi Gummadi made changes -
          Attachment HADOOP-6568-20100226.1-ydist.patch [ 12437323 ]
          Hide
          Hudson added a comment -

          Integrated in Hadoop-Common-trunk-Commit #193 (See http://hudson.zones.apache.org/hudson/job/Hadoop-Common-trunk-Commit/193/)
          . Adds authorization for the default servlets. Contributed by Vinod Kumar Vavilapalli.

          Show
          Hudson added a comment - Integrated in Hadoop-Common-trunk-Commit #193 (See http://hudson.zones.apache.org/hudson/job/Hadoop-Common-trunk-Commit/193/ ) . Adds authorization for the default servlets. Contributed by Vinod Kumar Vavilapalli.
          Vinod Kumar Vavilapalli made changes -
          Hadoop Flags [Reviewed]
          Release Note Added web-authorization for the default servlets - /logs, /stacks, /logLevel, /metrics, /conf, so that only cluster administrators can access these servlets. hadoop.http.administrators-acl is the new configuration in core-default.xml that can be used to specify the ACL against which an authenticated user should be verified if he/she is an administrator.
          Ravi Gummadi made changes -
          Release Note Added web-authorization for the default servlets - /logs, /stacks, /logLevel, /metrics, /conf, so that only cluster administrators can access these servlets. hadoop.http.administrators-acl is the new configuration in core-default.xml that can be used to specify the ACL against which an authenticated user should be verified if he/she is an administrator. Added web-authorization for the default servlets - /logs, /stacks, /logLevel, /metrics, /conf, so that only cluster administrators can access these servlets. hadoop.cluster.administrators is the new configuration in core-default.xml that can be used to specify the ACL against which an authenticated user should be verified if he/she is an administrator.
          Tom White made changes -
          Fix Version/s 0.21.0 [ 12313563 ]
          Fix Version/s 0.22.0 [ 12314296 ]
          Tom White made changes -
          Status Resolved [ 5 ] Closed [ 6 ]
          Transition Time In Source Status Execution Times Last Executer Last Execution Date
          Patch Available Patch Available Open Open
          1d 11h 50m 4 Ravi Gummadi 25/Feb/10 20:29
          Open Open Patch Available Patch Available
          8d 23h 13m 5 Ravi Gummadi 25/Feb/10 20:36
          Patch Available Patch Available Resolved Resolved
          1h 3m 1 Devaraj Das 25/Feb/10 21:40
          Resolved Resolved Closed Closed
          179d 23h 1m 1 Tom White 24/Aug/10 21:42

            People

            • Assignee:
              Vinod Kumar Vavilapalli
              Reporter:
              Vinod Kumar Vavilapalli
            • Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development