[
https://issues.apache.org/jira/browse/OOZIE-3287?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16513556#comment-16513556
]
Ramgopal N commented on OOZIE-3287:
-----------------------------------
Thanks Peter for quick reply.
No it is not kerberos enabled.
If everyone can change the usernames as they want, will it not violate the
"oozie.authentication.simple.anonymous.allowed" purpose?
what is the use of conf/adminusers.txt ?
Is there a way to authenticate only the users listed in conf/adminusers.txt?
> Able to access the oozie web GUI with any invalid user when
> oozie.authentication.simple.anonymous.allowed is false
> ------------------------------------------------------------------------------------------------------------------
>
> Key: OOZIE-3287
> URL: https://issues.apache.org/jira/browse/OOZIE-3287
> Project: Oozie
> Issue Type: Bug
> Components: ui
> Affects Versions: 4.1.0
> Reporter: Ramgopal N
> Priority: Major
>
> i have made "oozie.authentication.simple.anonymous.allowed=false" in
> oozie-site.xml to not allow anonymous user to access
> "http://ooziebaseurl:11000/oozie/v2/admin/metrics";
> I want to access this url with admin user(hdfs) listed in conf/adminusers.txt
> under oozie.
> Able to access
> "http://ooziebaseurl:11000/oozie/v2/admin/metrics?user.name=hdfs"
> But also able to access with any random user like
> "http://ooziebaseurl:11000/oozie/v2/admin/metrics?user.name=XYZ";
>
> Couldnt find any other configuration restricting radom users.
>
>
>
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
