[
https://issues.apache.org/jira/browse/HBASE-25895?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17351842#comment-17351842
]
Sean Busbey commented on HBASE-25895:
-------------------------------------
{code}
infoServer.addUnprivilegedServlet(“api_v1", “/api/v1/*“,
buildApiV1Servlet());
{code}
Pardon, my infoserver knowledge is a bit rusty. I think this means that if
security is enabled for HTTP access to the master interface, folks will still
need to present valid SPNEGO credentials, but “unprivileged” means that they
won’t need to be in any particular access group. Is that correct?
Presuming it is correct, all the stuff we currently include is also included in
the existing human consumable web pages that are also unprivileged, AFAICT. We
should note this expectation on the package-info for the cluster_metrics
package and the class javadocs for the {{ClusterMetrics}} api implementation.
If there is some way we can proactively prevent the addition of REST verbs that
change state that would also make me feel more at ease with the permissive
access.
> Implement a Cluster Metrics JSON endpoint
> -----------------------------------------
>
> Key: HBASE-25895
> URL: https://issues.apache.org/jira/browse/HBASE-25895
> Project: HBase
> Issue Type: Sub-task
> Reporter: Nick Dimiduk
> Assignee: Nick Dimiduk
> Priority: Major
>
> In order to build a dynamic visualization functionality, we need access to
> the underlying dataset. I think we can do a lot by exposing the
> ClusterMetrics already available via the {{o.a.h.h.client.Admin}} interface.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
