Uploaded image for project: 'Hadoop YARN'
  1. Hadoop YARN
  2. YARN-2310

Revisit the APIs in RM web services where user information can make difference

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Open
    • Major
    • Resolution: Unresolved
    • 2.5.0, 3.0.0-alpha1
    • None
    • resourcemanager, webapp
    • None

    Description

      After YARN-2247, RM web services can be sheltered by the authentication filter, which can help to identify who the user is. With this information, we should be able to fix the security problem of some existing APIs, such as getApp, getAppAttempts, getApps. We should use the user information to check the ACLs before returning the requested data to the user.

      Attachments

        Issue Links

          is related to

          Bug - A problem which impairs or prevents the functions of the product. YARN-2311 Revisit RM web pages where user information may make difference.

          • Major - Major loss of function.
          • Resolved

          Activity

            People

              Unassigned Unassigned
              zjshen Zhijie Shen
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated: