Uploaded image for project: 'Hadoop HDFS'
  1. Hadoop HDFS
  2. HDFS-447

proxy to call LDAP for IP lookup and get user ID and directories, validate requested URL

    Details

    • Type: New Feature
    • Status: Closed
    • Priority: Critical
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 0.21.0
    • Component/s: contrib/hdfsproxy
    • Labels:
      None

      Description

      It is easy to manage user accounts using LDAP. by adding support for LDAP, proxy can do IP authorization in a headless fashion.

      when a user send a request, proxy extract IP address and request PathInfo from the request. then it searches the LDAP server to get the allowed HDFS root paths given the IP address. Proxy will match the user request PathInfo with the allowed HDFS root path, return 403 if it could not find a match.

        Attachments

        1. HDFS-447.patch
          71 kB
          zhiyong zhang
        2. HDFS-447.patch
          70 kB
          zhiyong zhang
        3. HADOOP-5851.patch
          70 kB
          zhiyong zhang
        4. HADOOP-5851.patch
          70 kB
          zhiyong zhang
        5. HADOOP-5851.patch
          70 kB
          zhiyong zhang
        6. HADOOP-5851.patch
          68 kB
          zhiyong zhang
        7. HADOOP-5851.patch
          60 kB
          zhiyong zhang
        8. HADOOP-5851.patch
          39 kB
          zhiyong zhang
        9. HADOOP-5851.patch
          39 kB
          zhiyong zhang

          Issue Links

            Activity

              People

              • Assignee:
                zhiyong1 zhiyong zhang
                Reporter:
                zhiyong1 zhiyong zhang
              • Votes:
                1 Vote for this issue
                Watchers:
                10 Start watching this issue

                Dates

                • Due:
                  Created:
                  Updated:
                  Resolved: