[
https://issues.apache.org/jira/browse/SENTRY-2102?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16293405#comment-16293405
]
Alexander Kolbasov commented on SENTRY-2102:
--------------------------------------------
That's great! Just having SSL support is worth it!
> Switching to HttpServer2 for WebUI access
> -----------------------------------------
>
> Key: SENTRY-2102
> URL: https://issues.apache.org/jira/browse/SENTRY-2102
> Project: Sentry
> Issue Type: Improvement
> Reporter: Vadim Spector
>
> There is the implementation of HTTP server which is supposed to be the
> standard for all Hadoop components implementing Web UIs:
> https://github.com/apache/hadoop/blob/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java
> It comes with built-in support of SSL, SPNEGO (Kerberos from browsers), plus
> authorization - all configurable.
> It comes with pre-configured servlets, such as Stack, LogLevel servlet,
> Metrics, JMX, Configuration, all for free.
> Sentry code is still using its own SentryWebServer.java implementation. ?
> Some of Sentry's servlets are already supported in HttpServer2 (maybe even
> improved versions of those).
> In addition, HttpServer2 security features satisfy security demands of
> commercial deployment, unlike our own Web UI, which security-conscious
> customers may be reluctant to activate for good reasons.
> Switching to HttpServer2 would be a major improvement of the Sentry product
> (and less code to support).
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
