Details

    • Type: New Feature New Feature
    • Status: Open
    • Priority: Major Major
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: None
    • Labels:
      None

      Description

      Jira to track work to secure the ATS

      1. Timeline_Kerberos_DT_ACLs.patch
        129 kB
        Zhijie Shen
      2. Timeline Security Diagram.pdf
        153 kB
        Zhijie Shen
      3. Timeline_Kerberos_DT_ACLs.2.patch
        128 kB
        Zhijie Shen

        Issue Links

        1.
        Kerberos authentication for the timeline server Sub-task Closed Zhijie Shen
         
        2.
        Delegation token stuff for the timeline sever Sub-task Closed Zhijie Shen
         
        3.
        Secured timeline client Sub-task Closed Zhijie Shen
         
        4.
        Add entity-level access control of the timeline data for owners only Sub-task Closed Zhijie Shen
         
        5.
        Extend access control for admin acls Sub-task Closed Zhijie Shen
         
        6.
        Enforce more restricted permissions for the directory of Leveldb store Sub-task Closed Zhijie Shen
         
        7.
        Refactor the Timeline Server code for Kerberos + DT authentication Sub-task Resolved Zhijie Shen
         
        8. Document the system filters of the timeline entity Sub-task Open Zhijie Shen
         
        9.
        More generalized timeline ACLs Sub-task Closed Zhijie Shen
         
        10.
        Type mismatch in contains() check of TimelineWebServices#injectOwnerInfo() Sub-task Closed Ted Yu
         
        11.
        Close of Reader in TimelineAuthenticationFilterInitializer#initFilter() should be enclosed in finally block Sub-task Closed Chen He
         
        12.
        TimelineAuthenticator#hasDelegationToken may throw NPE Sub-task Closed Zhijie Shen
         
        13.
        Enabling HTTPS for the reader REST APIs of TimelineServer Sub-task Resolved Zhijie Shen
         
        14.
        Enabling HTTPs for the writer REST API of TimelineServer Sub-task Closed Zhijie Shen
         
        15.
        TimelineServer should load pseudo authentication filter when authentication = simple Sub-task Closed Zhijie Shen
         
        16.
        Add UTs to cover timeline server authentication Sub-task Closed Zhijie Shen
         
        17.
        Using TimelineNamespace to shield the entities of a user Sub-task Closed Zhijie Shen
         
        18.
        Simplify the output when the user doesn't have the access for getDomain(s) Sub-task Closed Zhijie Shen
         
        19. RM should put the application related timeline data into a secured domain Sub-task Open Zhijie Shen
         
        20.
        Make distributed shell use the domain-based timeline ACLs Sub-task Closed Zhijie Shen
         
        21.
        Timeline authentication filter should add support for proxy user Sub-task Closed Zhijie Shen
         
        22.
        Timeline delegation tokens need to be automatically renewed by the RM Sub-task Closed Zhijie Shen
         

          Activity

          Vinod Kumar Vavilapalli made changes -
          Status Patch Available [ 10002 ] Open [ 1 ]
          Zhijie Shen made changes -
          Attachment Timeline Security Diagram.pdf [ 12645844 ]
          Attachment Timeline_Kerberos_DT_ACLs.2.patch [ 12645845 ]
          Zhijie Shen made changes -
          Status Open [ 1 ] Patch Available [ 10002 ]
          Zhijie Shen made changes -
          Attachment Timeline_Kerberos_DT_ACLs.patch [ 12645303 ]
          Zhijie Shen made changes -
          Link This issue relates to YARN-1530 [ YARN-1530 ]
          Zhijie Shen made changes -
          Link This issue relates to YARN-1937 [ YARN-1937 ]
          Zhijie Shen made changes -
          Link This issue is blocked by HADOOP-10596 [ HADOOP-10596 ]
          Zhijie Shen made changes -
          Link This issue relates to YARN-1936 [ YARN-1936 ]
          Zhijie Shen made changes -
          Link This issue relates to YARN-1937 [ YARN-1937 ]
          Zhijie Shen made changes -
          Link This issue relates to YARN-1936 [ YARN-1936 ]
          Zhijie Shen made changes -
          Link This issue relates to YARN-1302 [ YARN-1302 ]
          Zhijie Shen made changes -
          Link This issue relates to YARN-1250 [ YARN-1250 ]
          Zhijie Shen made changes -
          Summary Security for timeline service Security for timeline server
          Zhijie Shen made changes -
          Parent YARN-1530 [ 12686232 ]
          Issue Type Sub-task [ 7 ] New Feature [ 2 ]
          Zhijie Shen made changes -
          Assignee Zhijie Shen [ zjshen ]
          Zhijie Shen made changes -
          Field Original Value New Value
          Summary Security for ATS Security for timeline service
          Arun C Murthy created issue -

            People

            • Assignee:
              Zhijie Shen
              Reporter:
              Arun C Murthy
            • Votes:
              0 Vote for this issue
              Watchers:
              16 Start watching this issue

              Dates

              • Created:
                Updated:

                Development