[
https://issues.apache.org/jira/browse/HADOOP-5851?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12716401#action_12716401
]
Kan Zhang commented on HADOOP-5851:
-----------------------------------
I can see that for encryption purpose you may still want to use SSL. In that
case, I suggest you make it an option instead of the default behavior. The user
has to explicitly specify this option to enable it.
> proxy to call LDAP for IP lookup and get user ID and directories, validate
> requested URL
> ----------------------------------------------------------------------------------------
>
> Key: HADOOP-5851
> URL: https://issues.apache.org/jira/browse/HADOOP-5851
> Project: Hadoop Core
> Issue Type: New Feature
> Components: contrib/hdfsproxy
> Reporter: zhiyong zhang
> Assignee: zhiyong zhang
> Priority: Critical
> Attachments: HADOOP-5851.patch, HADOOP-5851.patch, HADOOP-5851.patch
>
>
> It is easy to manage user accounts using LDAP. by adding support for LDAP,
> proxy can do IP authorization in a headless fashion.
> when a user send a request, proxy extract IP address and request PathInfo
> from the request. then it searches the LDAP server to get the allowed HDFS
> root paths given the IP address. Proxy will match the user request PathInfo
> with the allowed HDFS root path, return 403 if it could not find a match.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
