[jira] Updated: (MAPREDUCE-1493) Authorization for job-history pages

Thu, 25 Feb 2010 00:40:54 -0800 

     [ 
https://issues.apache.org/jira/browse/MAPREDUCE-1493?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Vinod K V updated MAPREDUCE-1493:
---------------------------------

    Attachment: MAPREDUCE-1493-20100225.2.txt

Updated patch addressing the above comments except:
bq. (9) Don't we want to support viewing of older history files ? With older 
history files(where job ACLs are not there), JSPUtil.getJobInfo() gets NPE 
because JobSubmittedEvent.getJobACLs() gets NPE. Should we allow viewing of 
older history files assuming that view access exists for those jobs for all 
users ?
JobHistory currently DOES NOT have the support to read older versions of 
history files. So this cannot be done in this issue and hence makes this an 
incompatible change.
bq. (11) In rumen, in Job20LineHistoryEventEmitter.java, from the parsed line 
of history file, jobACLs are not read but empty ACLs are written to. I guess we 
need to build ACLs from the parsedLine of history.
There are no ACLs in the 20 format of JobHistory, so we don't need to do 
anything here. Changes percolated into this class as I've broken the 
compatibility of JobSubmissionEvent class constructor. Not very sure if we need 
backward-compatibility of this class as it may be internal only.

bq. (15) Am not sure if passing of rumen tests is good enough for this patch. 
Do we need any additional testing ?
It's on Rumen how to use the logged ACLs. 'Cause this patch is not adding any 
new code for Rumen w.r.t JobACLs, we don't need more tests in this regard.


> Authorization for job-history pages
> -----------------------------------
>
>                 Key: MAPREDUCE-1493
>                 URL: https://issues.apache.org/jira/browse/MAPREDUCE-1493
>             Project: Hadoop Map/Reduce
>          Issue Type: Sub-task
>          Components: jobtracker, security
>            Reporter: Vinod K V
>            Assignee: Vinod K V
>             Fix For: 0.22.0
>
>         Attachments: MAPREDUCE-1493-20100222.1.txt, 
> MAPREDUCE-1493-20100225.2.txt
>
>
> MAPREDUCE-1455 introduces authorization for most of the Map/Reduce jsp pages 
> and servlets, but left history pages. This JIRA will make sure that 
> authorization checks are made while accessing job-history pages also.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to