[
https://issues.apache.org/jira/browse/HADOOP-4284?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Chris Douglas updated HADOOP-4284:
----------------------------------
Resolution: Fixed
Release Note: added an interface method to HttpServer to support global
filters (was: added an interface method to HttpServer to support global
filters and improved SSL handling)
Hadoop Flags: [Reviewed]
Status: Resolved (was: Patch Available)
+1 This looks good.
I just committed this. Thanks, Kan
> Support for user configurable global filters on HttpServer
> ----------------------------------------------------------
>
> Key: HADOOP-4284
> URL: https://issues.apache.org/jira/browse/HADOOP-4284
> Project: Hadoop Core
> Issue Type: New Feature
> Affects Versions: 0.20.0
> Reporter: Kan Zhang
> Assignee: Kan Zhang
> Fix For: 0.20.0
>
> Attachments: 4284-7.patch, 4284_20080925_78.patch,
> 4284_20080926_79.patch, 4284_20080929_83.patch, 4284_20081007_85.patch,
> 4284_20081016_93.patch, 4284_20081016_94.patch, 4284_20081016_96.patch
>
>
> HADOOP-3854 introduced a framework for adding filters to filter browser
> facing urls. Sometimes, there is a need to filter all urls. For example, at
> Yahoo, we need to open an SSL port on the HttpServer and only accept hsftp
> requests from clients who can authenticate themselves using client
> certificate and is authorized according to certain policy file. For this to
> happen, we need a method to add a user configurable "global" filter, which
> filters on all client requests. For our purposes, such a global filter will
> block all https requests except those accessing the hsftp interface (it will
> let all http requests go through, so accesses through the normal http ports
> are unaffected). Moreover, those hsftp requests will be subject to further
> authorization checking according to the policy file.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
