[
https://issues.apache.org/jira/browse/HADOOP-10651?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14103279#comment-14103279
]
Benoy Antony commented on HADOOP-10651:
---------------------------------------
rebased the patch based on HADOOP-10650
> Add ability to restrict service access using IP addresses and hostnames
> -----------------------------------------------------------------------
>
> Key: HADOOP-10651
> URL: https://issues.apache.org/jira/browse/HADOOP-10651
> Project: Hadoop Common
> Issue Type: Sub-task
> Components: security
> Affects Versions: 2.5.0
> Reporter: Benoy Antony
> Assignee: Benoy Antony
> Attachments: HADOOP-10651.patch, HADOOP-10651.patch
>
>
> In some use cases, it make sense to authorize the usage of some services only
> from specific hosts. Just like ACLS for Service Authorization , there can be
> a list of hosts for each service and this list can be checked during
> authorization.
> Similar to ACLS, there can be a whitelist of ip and blacklist of ips. The
> default whitelist will be * and default blacklist will be empty. It should be
> possible to override the default whitelist and default blacklist. It should
> be possible to define whitelist and blacklist per service.
> It should be possible to define ip ranges in blacklists and whitelists
--
This message was sent by Atlassian JIRA
(v6.2#6252)
