[
https://issues.apache.org/jira/browse/MAPREDUCE-4669?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16657337#comment-16657337
]
Haibo Chen commented on MAPREDUCE-4669:
---------------------------------------
Thanks [~rkanter] for the patch! I have a few comments/questions.
1) Can we rename withNeedsClientAuth() to withClientAuth(boolean)?
2) In WebApps, I think we can skip the truststore part if clientAuth is false.
3) Can we add another unit test that queries the AM web server with a
un-trusted certificate when client authorization is on?
> MRAM web UI does not work with HTTPS
> ------------------------------------
>
> Key: MAPREDUCE-4669
> URL: https://issues.apache.org/jira/browse/MAPREDUCE-4669
> Project: Hadoop Map/Reduce
> Issue Type: Bug
> Components: mr-am
> Affects Versions: 2.0.3-alpha
> Reporter: Alejandro Abdelnur
> Assignee: Robert Kanter
> Priority: Major
> Attachments: MAPREDUCE-4669.001.patch, MAPREDUCE-4669.002.patch,
> MAPREDUCE-4669.003.patch
>
>
> With Kerberos enable, the MRAM runs as the user that submitted the job, thus
> the MRAM process cannot read the cluster keystore files to get the
> certificates to start its HttpServer using HTTPS.
> We need to decouple the keystore used by RM/NM/NN/DN (which are cluster
> provided) from the keystore used by AMs (which ought to be user provided).
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
