[
https://issues.apache.org/jira/browse/HADOOP-6568?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Vinod K V updated HADOOP-6568:
------------------------------
Attachment: HADOOP-6568-20100224.txt
Looks like we have a consensus. I am attaching a patch for this issue.
- hadoop.cluster.administrators is the ACL for specifying who the
superusers/supergroups are.
- Also added a test to verify the authorization.
> Authorization for default servlets
> ----------------------------------
>
> Key: HADOOP-6568
> URL: https://issues.apache.org/jira/browse/HADOOP-6568
> Project: Hadoop Common
> Issue Type: Sub-task
> Components: security
> Reporter: Vinod K V
> Assignee: Vinod K V
> Fix For: 0.22.0
>
> Attachments: HADOOP-6568-20100216.txt, HADOOP-6568-20100224.txt
>
>
> We have the following default servlets: /logs, /static, /stacks, /logLevel,
> /metrics, /conf. Barring "/static", rest of the servlets provide information
> that is only for administrators. In the context of security for the
> web-servlets, we need protected access to these pages.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
