Github user tgravescs commented on the pull request:
https://github.com/apache/spark/pull/509#issuecomment-41205924
Thanks for the review @andrewor14. I've updated based on the comments.
To summarize what is intended. Each application can set
spark.ui.acls.enable. That setting is honored both when the application is
running and after the fact by viewing it in the history server. If the
spark.ui.acls.enable setting is set when the history server is started the only
thing that explicitly protects is the HistoryPage itself (not the application
(SparkUI) pages). Generally i would expect that page to be left open for
everyone to see. For any of the acls to take affect you have to have a filter
in place that authenticates the user, otherwise the acls have no affect.
If we want to change it to allow the history server spark.ui.acls.enable
setting to override each individual application we can do that.
Also if the above doesn't translate into what is documented let me know and
I'll update the docs.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
