[jira] [Commented] (HADOOP-16527) Add a whitelist of endpoints to skip Kerberos authentication
[ https://issues.apache.org/jira/browse/HADOOP-16527?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16917435#comment-16917435 ] Hudson commented on HADOOP-16527: - FAILURE: Integrated in Jenkins build Hadoop-trunk-Commit #17192 (See [https://builds.apache.org/job/Hadoop-trunk-Commit/17192/]) HADOOP-16527. Add a whitelist of endpoints to skip Kerberos (tasanuma: rev 55cc115878d029869be3e622e8792c9ad9f64982) * (edit) hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/KerberosAuthenticationHandler.java * (edit) hadoop-common-project/hadoop-common/src/main/resources/core-default.xml * (edit) hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestKerberosAuthenticationHandler.java > Add a whitelist of endpoints to skip Kerberos authentication > > > Key: HADOOP-16527 > URL: https://issues.apache.org/jira/browse/HADOOP-16527 > Project: Hadoop Common > Issue Type: New Feature > Components: security >Reporter: Akira Ajisaka >Assignee: Akira Ajisaka >Priority: Major > Fix For: 3.3.0 > > > HADOOP-15707 added /isActive servlet for load balancers and HADOOP-16398 > added /prom servlet for prometheus server. However, prometheus server and > most load balancers do not support kerberos authentication. Therefore if > kerberos authentication is enabled, prometheus server or load balancers > cannot access to the endpoints. > We would like to propose a whitelist of endpoints to avoid kerberos > authentication. -- This message was sent by Atlassian Jira (v8.3.2#803003) - To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-issues-h...@hadoop.apache.org
[jira] [Commented] (HADOOP-16527) Add a whitelist of endpoints to skip Kerberos authentication
[ https://issues.apache.org/jira/browse/HADOOP-16527?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16917430#comment-16917430 ] Akira Ajisaka commented on HADOOP-16527: Thank you, [~tasanuma]. > Add a whitelist of endpoints to skip Kerberos authentication > > > Key: HADOOP-16527 > URL: https://issues.apache.org/jira/browse/HADOOP-16527 > Project: Hadoop Common > Issue Type: New Feature > Components: security >Reporter: Akira Ajisaka >Assignee: Akira Ajisaka >Priority: Major > Fix For: 3.3.0 > > > HADOOP-15707 added /isActive servlet for load balancers and HADOOP-16398 > added /prom servlet for prometheus server. However, prometheus server and > most load balancers do not support kerberos authentication. Therefore if > kerberos authentication is enabled, prometheus server or load balancers > cannot access to the endpoints. > We would like to propose a whitelist of endpoints to avoid kerberos > authentication. -- This message was sent by Atlassian Jira (v8.3.2#803003) - To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-issues-h...@hadoop.apache.org