This is really odd to me. I have 1.3 (Compiled by MapR) running on my cluster right now. I added libjpam.so to my java.library.path, and I have ldap configured on the nodes in pam. When I hit the Web UI (via HTTPS, HTTP is disabled) I get prompt for user name and the authentication goes against the pam on the system, allowing me in. Only the user running the drill bits has "admin" functions in Drill, other users only see a subset of tabs (Query, Profiles, Metrics) (the Drillbit user has Query, profiles, storage, metrics, and threads).
This is also true with the RestAPI. I have to authenticate to use it at this point. I just do forms authentication using the python requests module. (I feel like it should accept basic auth over SSL for API good ness, but my hack works) Thus, I feel like it's been secured fairly well (SSL, Authentication, Users etc). So I do not understand why DRILL-3201 says 1.5, and while it's stated that Web Authentication is not available yet... On Mon, Dec 7, 2015 at 11:13 AM, Andries Engelbrecht < [email protected]> wrote: > This topic came up a while ago and there was a bit of confusion. > > See the discussion thread here for more info. > > http://search-hadoop.com/m/qRVAXir9Do1qHni72&subj=How+to+setup+user+authentication+for+the+WebUI+ > < > http://search-hadoop.com/m/qRVAXir9Do1qHni72&subj=How+to+setup+user+authentication+for+the+WebUI+ > > > > Sudheesh listed the JIRA to track it. > > --Andries > > > > > On Dec 7, 2015, at 8:32 AM, Sudheesh Katkam <[email protected]> > wrote: > > > > Hi Niko, > > > > Web authentication is not available yet; DRILL-3201 < > https://issues.apache.org/jira/browse/DRILL-3201> is being reviewed. The > doc pages are ahead. > > > > Thank you, > > Sudheesh > > > >> On Dec 7, 2015, at 7:06 AM, Keys Botzum <[email protected]> wrote: > >> > >> I think this answers your question (the answer is yes according to the > docs): > >> > >> > https://drill.apache.org/docs/configuring-web-console-and-rest-api-security/ > < > https://drill.apache.org/docs/configuring-web-console-and-rest-api-security/ > > > >> > >> Keys > >> _______________________________ > >> Keys Botzum > >> Senior Principal Technologist > >> [email protected] <mailto:[email protected]> > >> 443-718-0098 > >> MapR Technologies > >> http://www.mapr.com <http://www.mapr.com/> > >>> On Dec 7, 2015, at 10:04 AM, Niko Arvilommi <[email protected]> > wrote: > >>> > >>> Hi > >>> > >>> Is it possible to secure the WEB UI and REST api with password or > similiar methods. Shared keys or something ? > >>> It seems to be too open if it not possible > >>> > >>> Best Niko Arvilommi > >> > > > >
