[HDFS-447] proxy to call LDAP for IP lookup and get user ID and directories, validate requested URL - ASF JIRA

XML

Word

Printable

JSON

Details

Type: New Feature
Status: Closed
Priority: Critical
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 0.21.0
Component/s: contrib/hdfsproxy
Labels:
None

Description

It is easy to manage user accounts using LDAP. by adding support for LDAP, proxy can do IP authorization in a headless fashion.

when a user send a request, proxy extract IP address and request PathInfo from the request. then it searches the LDAP server to get the allowed HDFS root paths given the IP address. Proxy will match the user request PathInfo with the allowed HDFS root path, return 403 if it could not find a match.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

HADOOP-5851.patch
25/Jun/09 01:32
70 kB
zhiyong zhang
HADOOP-5851.patch
24/Jun/09 23:45
70 kB
zhiyong zhang
HADOOP-5851.patch
24/Jun/09 21:56
70 kB
zhiyong zhang
HADOOP-5851.patch
08/Jun/09 18:50
68 kB
zhiyong zhang
HADOOP-5851.patch
04/Jun/09 16:45
60 kB
zhiyong zhang
HADOOP-5851.patch
02/Jun/09 21:13
39 kB
zhiyong zhang
HADOOP-5851.patch
29/May/09 04:06
39 kB
zhiyong zhang
HDFS-447.patch
26/Jun/09 22:08
71 kB
zhiyong zhang
HDFS-447.patch
25/Jun/09 17:15
70 kB
zhiyong zhang

Issue Links

incorporates

HADOOP-5775 HdfsProxy Unit Test should not depend on HDFSPROXY_CONF_DIR environment

Closed

Activity

People

Assignee:: zhiyong zhang

Reporter:: zhiyong zhang

Votes:: 1 Vote for this issue

Watchers:: 10 Start watching this issue

Dates

Due:: 01/Jun/09

Created:: 15/May/09 18:52

Updated:: 24/Aug/10 20:48

Resolved:: 26/Jun/09 22:48