[jira] [Commented] (IMPALA-9537) Add LDAP auth to the webui

ASF subversion and git services (Jira) Thu, 02 Apr 2020 14:47:40 -0700


    [ 
https://issues.apache.org/jira/browse/IMPALA-9537?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17074105#comment-17074105
 ]


ASF subversion and git services commented on IMPALA-9537:
---------------------------------------------------------

Commit 81b5f823aa715d47f939191f2370e32ef9983413 in impala's branch 
refs/heads/master from Thomas Tauber-Marshall
[ https://gitbox.apache.org/repos/asf?p=impala.git;h=81b5f82 ]

IMPALA-9537: Add LDAP auth to the webui

This patch adds a startup flag --webserver_require_ldap, which if set
to true secures the debug webserver with LDAP username/password
authentication.

It also adds the flags --webserver_ldap_group_filter and
--webserver_ldap_user_filter, which allow users to restrict access to
the webserver separately from the restrictions on other endpoints
(i.e. --ldap_group_filter and --ldap_user_filter), for example to
enable webserver access only for admin users.

Testing:
- Added a FE test that runs a custom cluster with ldap webserver auth
  enabled and verifies it works as expected, with and without filters
  specified.

Change-Id: I6e92481929f2f06898b8496233ab4134792c9f10
Reviewed-on: http://gerrit.cloudera.org:8080/15538
Reviewed-by: Impala Public Jenkins <[email protected]>
Tested-by: Impala Public Jenkins <[email protected]>


> Add LDAP auth to the webui
> --------------------------
>
>                 Key: IMPALA-9537
>                 URL: https://issues.apache.org/jira/browse/IMPALA-9537
>             Project: IMPALA
>          Issue Type: Improvement
>          Components: Clients
>    Affects Versions: Impala 4.0
>            Reporter: Thomas Tauber-Marshall
>            Assignee: Thomas Tauber-Marshall
>            Priority: Major
>
> We already support Kerberos auth to the webui over SPNEGO, and Basic HTTP 
> auth to LDAP over the hs2 http interface.
> It would be useful to add the ability to authenticate to the webui using LDAP 
> over Basic.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[jira] [Commented] (IMPALA-9537) Add LDAP auth to the webui

Reply via email to