[ 
https://issues.apache.org/jira/browse/HADOOP-8581?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13784554#comment-13784554
 ] 

Alejandro Abdelnur commented on HADOOP-8581:
--------------------------------------------

Apologies for the delay getting back on this. Overall approach seems 
reasonable, a few things though:

*allow access to both HTTPS and HTTP*

Serving the same content over HTTP and HTTPS seems unnecessary. And if set by 
mistake, it could give a false sense of security to someone who intended to 
set HTTPS only.

If we are talking about serving webpages over HTTP and webhdfs/fsimage over 
HTTPS then it makes sense. 

But this means we'll have to explicitly configure each servlet to be served 
over the correct transport only (HTTP or HTTPS). And given how servlets are 
added to HttpServer today, this will be a careful task to ensure nothing ends up 
wrongfully served on both transport endpoints.

*redirecting from http to https*

While browsers do this automatically, if I recall correctly Java does not 
follow redirections from HTTP to HTTPS. This may be an issue for fsimage and 
webhdfs.

*<project>.http.policy*

Sounds good, but I would rather use http or https as value than numbers.

Also, we'll have to refactor HttpServer to take as parameter the <service> 
prefix (I would use service rather than project)

If we remove it from 2.2, what exactly does that mean? What functionality do we lose?

> add support for HTTPS to the web UIs
> ------------------------------------
>
>                 Key: HADOOP-8581
>                 URL: https://issues.apache.org/jira/browse/HADOOP-8581
>             Project: Hadoop Common
>          Issue Type: New Feature
>          Components: security
>    Affects Versions: 2.0.0-alpha
>            Reporter: Alejandro Abdelnur
>            Assignee: Alejandro Abdelnur
>             Fix For: 2.0.2-alpha
>
>         Attachments: HADOOP-8581.patch, HADOOP-8581.patch, HADOOP-8581.patch, 
> HADOOP-8581.patch, HADOOP-8581.patch, HADOOP-8581.patch, HADOOP-8581.patch
>
>
> HDFS/MR web UIs don't work over HTTPS, there are places where 'http://' is 
> hardcoded.



--
This message was sent by Atlassian JIRA
(v6.1#6144)
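
The HTTP-to-HTTPS redirect behaviour raised in the comment above, as an added example that is not part of the original message or of Hadoop's code: a constructed loopback server answers with a 302 to an `https://` URL, and a plain `HttpURLConnection` client shows what the caller receives. The class name, the `/fsimage` path, port 8443 and the `safeRedirectTarget` helper are assumptions made for illustration.

```java
import com.sun.net.httpserver.HttpServer;
import java.net.HttpURLConnection;
import java.net.InetSocketAddress;
import java.net.URL;

public class RedirectCheck {
    // Hypothetical helper: accept a redirect target only if it is http(s)
    // and does not downgrade the transport from https to http.
    static URL safeRedirectTarget(URL from, String location) throws Exception {
        URL to = new URL(from, location);
        boolean known = to.getProtocol().equals("http") || to.getProtocol().equals("https");
        boolean downgrade = from.getProtocol().equals("https") && !to.getProtocol().equals("https");
        if (!known || downgrade) {
            throw new SecurityException("refusing redirect " + from + " -> " + to);
        }
        return to;
    }

    public static void main(String[] args) throws Exception {
        // Constructed server on an ephemeral loopback port: every request gets
        // a 302 whose Location uses https (target host/port/path are made up).
        HttpServer server = HttpServer.create(new InetSocketAddress("127.0.0.1", 0), 0);
        server.createContext("/", ex -> {
            ex.getResponseHeaders().add("Location", "https://127.0.0.1:8443/fsimage");
            ex.sendResponseHeaders(302, -1); // -1: no response body
            ex.close();
        });
        server.start();
        try {
            URL url = new URL("http://127.0.0.1:" + server.getAddress().getPort() + "/fsimage");
            HttpURLConnection conn = (HttpURLConnection) url.openConnection();
            conn.setInstanceFollowRedirects(true); // already the default; explicit for clarity
            int code = conn.getResponseCode();
            // HttpURLConnection only auto-follows redirects that stay on the same
            // protocol, so a cross-protocol 3xx is handed back to the caller.
            System.out.println("status seen by client: " + code);
            if (code / 100 == 3) {
                URL next = safeRedirectTarget(url, conn.getHeaderField("Location"));
                System.out.println("caller has to reconnect to: " + next);
            }
            conn.disconnect();
        } finally {
            server.stop(0);
        }
    }
}
```

A client that fetches fsimage or talks to webhdfs would need to handle the 3xx itself in this way, or be configured with the HTTPS endpoint directly.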
