[ https://issues.apache.org/jira/browse/FLINK-21108?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17355591#comment-17355591 ]

Márton Balassi commented on FLINK-21108:
----------------------------------------

Hi [~xexplorer],

Thank you for raising this and proposing an implementation. My main concern 
with your design is that in any secure environment we do need a strong 
authentication mechanism between the proxy and the dashboard/history server; 
HTTP basic auth would simply be rejected by an audit. Consequently I believe 
your current approach is a great first step, but only half of the story.

[~gsomogyi] has recently implemented a version of this where we have also added 
a Kerberos authentication mechanism; it is already used by our customers at 
Cloudera. Apologies for missing your ticket.

It is an important design decision that we aim to keep the list of 
authentication protocols to a minimum. We believe that this should not be a 
primary concern of Flink, and that a trusted proxy service (for example Apache 
Knox) should be used to enable a multitude of end-user authentication 
mechanisms. The bare minimum of authentication mechanisms to support 
consequently consists of a single strong authentication protocol, for which 
Kerberos is the enterprise solution, and HTTP Basic primarily for development 
and light-weight scenarios.

Would you please check out the following design document? We believe it solves 
most of what you were looking for.
https://docs.google.com/document/d/1NMPeJ9H0G49TGy3AzTVVJVKmYC0okwOtqLTSPnGqzHw/edit#

[~gsomogyi] will share his implementation soon, so you can review it and we can 
come to a mutually satisfactory implementation.

> Flink runtime rest server and history server webmonitor do not require 
> authentication.
> --------------------------------------------------------------------------------------
>
>                 Key: FLINK-21108
>                 URL: https://issues.apache.org/jira/browse/FLINK-21108
>             Project: Flink
>          Issue Type: New Feature
>          Components: Runtime / REST, Runtime / Web Frontend
>            Reporter: Xiaoguang Sun
>            Priority: Major
>              Labels: auto-unassigned, pull-request-available, stale-major
>
> Flink runtime rest server and history server webmonitor do not require 
> authentication. In certain scenarios, prohibiting unauthorized access is 
> desired. HTTP basic authentication can be used here.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)