Uploaded image for project: 'Apache Ozone'
  1. Apache Ozone
  2. HDDS-9048

Recon: Use user token to authenticate to the OM in file browser instead of Recon token

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Open
    • Major
    • Resolution: Unresolved
    • None
    • None
    • Ozone Recon
    • None

    Description

      Currently Recon is admin-only. But since we are adding a file browser, we could allow regular users to use it as well.

      Since Recon can be authenticated with SPNEGO, we should investigate if it is possible to use the Kerberos service ticket wrapped inside SPNEGO to authenticate to the OM when user is accessing the Recon file browser.

      The benefit is that file browser access control will be correctly enforced with the existing mechanisms.

      Attachments

        Issue Links

          requires

          Sub-task - The sub-task of the issue HDDS-7169 Recon: Add a file browser

          • Major - Major loss of function.
          • Open

          Activity

            People

              deveshsingh Devesh Kumar Singh
              smeng Siyao Meng
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated: