Uploaded image for project: 'Hadoop YARN'
  1. Hadoop YARN
  2. YARN-1935

Security for timeline server

    XMLWordPrintableJSON

    Details

    • Type: New Feature
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: None
    • Labels:
      None

      Description

      Jira to track work to secure the ATS

        Attachments

        1. Timeline_Kerberos_DT_ACLs.2.patch
          128 kB
          Zhijie Shen
        2. Timeline Security Diagram.pdf
          153 kB
          Zhijie Shen
        3. Timeline_Kerberos_DT_ACLs.patch
          129 kB
          Zhijie Shen

          Issue Links

          1.
          Kerberos authentication for the timeline server Sub-task Closed Zhijie Shen
          2.
          Delegation token stuff for the timeline sever Sub-task Closed Zhijie Shen
          3.
          Secured timeline client Sub-task Closed Zhijie Shen
          4.
          Add entity-level access control of the timeline data for owners only Sub-task Closed Zhijie Shen
          5.
          Extend access control for admin acls Sub-task Closed Zhijie Shen
          6.
          Enforce more restricted permissions for the directory of Leveldb store Sub-task Closed Zhijie Shen
          7.
          Refactor the Timeline Server code for Kerberos + DT authentication Sub-task Resolved Zhijie Shen
          8.
          Document the system filters of the timeline entity Sub-task Resolved Zhijie Shen
          9.
          More generalized timeline ACLs Sub-task Closed Zhijie Shen
          10.
          Type mismatch in contains() check of TimelineWebServices#injectOwnerInfo() Sub-task Closed Ted Yu
          11.
          Close of Reader in TimelineAuthenticationFilterInitializer#initFilter() should be enclosed in finally block Sub-task Closed Chen He
          12.
          TimelineAuthenticator#hasDelegationToken may throw NPE Sub-task Closed Zhijie Shen
          13.
          Enabling HTTPS for the reader REST APIs of TimelineServer Sub-task Resolved Zhijie Shen
          14.
          Enabling HTTPs for the writer REST API of TimelineServer Sub-task Closed Zhijie Shen
          15.
          TimelineServer should load pseudo authentication filter when authentication = simple Sub-task Closed Zhijie Shen
          16.
          Add UTs to cover timeline server authentication Sub-task Closed Zhijie Shen
          17.
          Using TimelineNamespace to shield the entities of a user Sub-task Closed Zhijie Shen
          18.
          Simplify the output when the user doesn't have the access for getDomain(s) Sub-task Closed Zhijie Shen
          19.
          RM should put the application related timeline data into a secured domain Sub-task Open Zhijie Shen
          20.
          Make distributed shell use the domain-based timeline ACLs Sub-task Closed Zhijie Shen
          21.
          Timeline authentication filter should add support for proxy user Sub-task Closed Zhijie Shen
          22.
          Timeline delegation tokens need to be automatically renewed by the RM Sub-task Closed Zhijie Shen

            Activity

              People

              • Assignee:
                zjshen Zhijie Shen
                Reporter:
                acmurthy Arun Murthy
              • Votes:
                0 Vote for this issue
                Watchers:
                17 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: