[
https://issues.apache.org/jira/browse/HADOOP-10679?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14282993#comment-14282993
]
Arpit Agarwal commented on HADOOP-10679:
----------------------------------------
Hi Benoy, I spent quite some time looking at this patch and realized I don't
have sufficient background to review it well.
For one, I did not understand how it affects backwards compatibility - both
secure and non-secure. Does this affect just the webui or also webhdfs
operations?
I think someone more familiar with webui authentication should review it.
> Authorize webui access using ServiceAuthorizationManager
> --------------------------------------------------------
>
> Key: HADOOP-10679
> URL: https://issues.apache.org/jira/browse/HADOOP-10679
> Project: Hadoop Common
> Issue Type: Sub-task
> Components: security
> Reporter: Benoy Antony
> Assignee: Benoy Antony
> Attachments: HADOOP-10679.patch, HADOOP-10679.patch
>
>
> Currently accessing Hadoop via RPC can be authorized using
> _ServiceAuthorizationManager_. But there is no uniform authorization of the
> HTTP access. Some of the servlets check for admin privilege.
> This creates an inconsistency of authorization between access via RPC vs
> HTTP.
> The fix is to enable authorization of the webui access also using
> _ServiceAuthorizationManager_.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
