difin commented on PR #5652: URL: https://github.com/apache/hive/pull/5652#issuecomment-2726578418
> how about skipping the authentication for `/leader` or `/peers` in `LDAPAuthenticationFilter`? If we do that and Hive is deployed on a public cloud, it will allow access to the /leader endpoints to the internet, which is not secure. By adding a new unsecured endpoint for HA health-check on a different port, that new port can be exposed internally only for health-check script which will be more secure. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: gitbox-unsubscr...@hive.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: gitbox-unsubscr...@hive.apache.org For additional commands, e-mail: gitbox-h...@hive.apache.org
