Details

    • Reviewed
    • Hide
      Adds job-level authorization to servlets(other than history related servlets) for accessing job related info. Deprecates mapreduce.jobtracker.permissions.supergroup and adds the config mapreduce.cluster.permissions.supergroup at cluster level sothat it will be used by TaskTracker also. Authorization checks are done if authentication is succeeded and mapreduce.cluster.job-authorization-enabled is set to true.
      Show
      Adds job-level authorization to servlets(other than history related servlets) for accessing job related info. Deprecates mapreduce.jobtracker.permissions.supergroup and adds the config mapreduce.cluster.permissions.supergroup at cluster level sothat it will be used by TaskTracker also. Authorization checks are done if authentication is succeeded and mapreduce.cluster.job-authorization-enabled is set to true.

    Description

      This jira is about building the authorization for servlets (on top of MAPREDUCE-1307). That is, the JobTracker/TaskTracker runs authorization checks on web requests based on the configured job permissions. For e.g., if the job permission is 600, then no one except the authenticated user can look at the job details via the browser. The authenticated user in the servlet can be obtained using the HttpServletRequest method.

      Attachments

        1. 1455.20S.2.fix.patch
          0.7 kB
          Ravi Gummadi
        2. 1455.20S.2.fix1.patch
          11 kB
          Ravi Gummadi
        3. 1455.20S.2.patch
          106 kB
          Ravi Gummadi
        4. 1455.patch
          69 kB
          Ravi Gummadi
        5. 1455.v1.patch
          76 kB
          Ravi Gummadi
        6. 1455.v2.patch
          81 kB
          Ravi Gummadi
        7. 1455.v3.patch
          104 kB
          Ravi Gummadi
        8. 1455.v4.1.patch
          108 kB
          Ravi Gummadi
        9. 1455.v4.2.patch
          110 kB
          Ravi Gummadi
        10. 1455.v4.patch
          110 kB
          Ravi Gummadi

        Issue Links

          Activity

            People

              ravidotg Ravi Gummadi
              ddas Devaraj Das
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: