[
https://issues.apache.org/jira/browse/OOZIE-1233?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13596611#comment-13596611
]
Robert Kanter commented on OOZIE-1233:
--------------------------------------
According to
[this|http://docs.oracle.com/javase/1.5.0/docs/guide/deployment/deployment-guide/upgrade-guide/article-17.html]:
{quote}
...because of serious security consequences, redirection between HTTP and HTTPS
is not automatically followed.
{quote}
Even though its for Java 5 not 6, the behavior seems to still be the same when
I tried it; browsers redirect though. That page does give a workaround, but I
haven't tried it; I think it would require a bit more refactoring and testing
because it would have to be done on all connections. Perhaps this can be done
as another JIRA if we think the security issue is not a problem?
> Add ability to configure Oozie to use HTTPS (SSL)
> -------------------------------------------------
>
> Key: OOZIE-1233
> URL: https://issues.apache.org/jira/browse/OOZIE-1233
> Project: Oozie
> Issue Type: New Feature
> Components: security
> Affects Versions: trunk, 3.3.2
> Reporter: Robert Kanter
> Assignee: Robert Kanter
> Attachments: OOZIE-1233.patch, OOZIE-1233.patch, OOZIE-1233.patch
>
>
> It's currently possible to configure Oozie to use HTTPS (SSL), but:
> # There isn't a standard way of configuring it
> # It can involve editing settings that users normally don't, including web.xml
> # There's no documentation; using a self-signed certificate with the Oozie
> client is particularly tricky
> We should add an argument to the oozie-setup.sh script that'll configure
> Oozie to use HTTPS so that its easy to do and there's a standard way that
> users will do it.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
