Details

    • Hadoop Flags:
      Reviewed
    • Release Note:
      Hide
      Adds job-level authorization to servlets(other than history related servlets) for accessing job related info. Deprecates mapreduce.jobtracker.permissions.supergroup and adds the config mapreduce.cluster.permissions.supergroup at cluster level sothat it will be used by TaskTracker also. Authorization checks are done if authentication is succeeded and mapreduce.cluster.job-authorization-enabled is set to true.
      Show
      Adds job-level authorization to servlets(other than history related servlets) for accessing job related info. Deprecates mapreduce.jobtracker.permissions.supergroup and adds the config mapreduce.cluster.permissions.supergroup at cluster level sothat it will be used by TaskTracker also. Authorization checks are done if authentication is succeeded and mapreduce.cluster.job-authorization-enabled is set to true.

      Description

      This jira is about building the authorization for servlets (on top of MAPREDUCE-1307). That is, the JobTracker/TaskTracker runs authorization checks on web requests based on the configured job permissions. For e.g., if the job permission is 600, then no one except the authenticated user can look at the job details via the browser. The authenticated user in the servlet can be obtained using the HttpServletRequest method.

        Attachments

        1. 1455.20S.2.fix1.patch
          11 kB
          Ravi Gummadi
        2. 1455.v4.2.patch
          110 kB
          Ravi Gummadi
        3. 1455.20S.2.fix.patch
          0.7 kB
          Ravi Gummadi
        4. 1455.20S.2.patch
          106 kB
          Ravi Gummadi
        5. 1455.v4.1.patch
          108 kB
          Ravi Gummadi
        6. 1455.v4.patch
          110 kB
          Ravi Gummadi
        7. 1455.v3.patch
          104 kB
          Ravi Gummadi
        8. 1455.v2.patch
          81 kB
          Ravi Gummadi
        9. 1455.v1.patch
          76 kB
          Ravi Gummadi
        10. 1455.patch
          69 kB
          Ravi Gummadi

          Issue Links

            Activity

              People

              • Assignee:
                ravidotg Ravi Gummadi
                Reporter:
                devaraj Devaraj Das
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: