Hi John, MapR Drill 1.3 has the web authentication feature (DRILL-3201), whereas Apache Drill 1.3 does not.
Thank you, Sudheesh > On Dec 7, 2015, at 11:16 AM, John Omernik <[email protected]> wrote: > > This is really odd to me. I have 1.3 (Compiled by MapR) running on my > cluster right now. I added libjpam.so to my java.library.path, and I have > ldap configured on the nodes in pam. When I hit the Web UI (via HTTPS, > HTTP is disabled) I get prompt for user name and the authentication goes > against the pam on the system, allowing me in. Only the user running the > drill bits has "admin" functions in Drill, other users only see a subset of > tabs (Query, Profiles, Metrics) (the Drillbit user has Query, profiles, > storage, metrics, and threads). > > This is also true with the RestAPI. I have to authenticate to use it at > this point. I just do forms authentication using the python requests > module. (I feel like it should accept basic auth over SSL for API good > ness, but my hack works) > > Thus, I feel like it's been secured fairly well (SSL, Authentication, Users > etc). So I do not understand why DRILL-3201 says 1.5, and while it's > stated that Web Authentication is not available yet... > > > > > > On Mon, Dec 7, 2015 at 11:13 AM, Andries Engelbrecht < > [email protected]> wrote: > >> This topic came up a while ago and there was a bit of confusion. >> >> See the discussion thread here for more info. >> >> http://search-hadoop.com/m/qRVAXir9Do1qHni72&subj=How+to+setup+user+authentication+for+the+WebUI+ >> < >> http://search-hadoop.com/m/qRVAXir9Do1qHni72&subj=How+to+setup+user+authentication+for+the+WebUI+ >>> >> >> Sudheesh listed the JIRA to track it. >> >> --Andries >> >> >> >>> On Dec 7, 2015, at 8:32 AM, Sudheesh Katkam <[email protected]> >> wrote: >>> >>> Hi Niko, >>> >>> Web authentication is not available yet; DRILL-3201 < >> https://issues.apache.org/jira/browse/DRILL-3201> is being reviewed. The >> doc pages are ahead. >>> >>> Thank you, >>> Sudheesh >>> >>>> On Dec 7, 2015, at 7:06 AM, Keys Botzum <[email protected]> wrote: >>>> >>>> I think this answers your question (the answer is yes according to the >> docs): >>>> >>>> >> https://drill.apache.org/docs/configuring-web-console-and-rest-api-security/ >> < >> https://drill.apache.org/docs/configuring-web-console-and-rest-api-security/ >>> >>>> >>>> Keys >>>> _______________________________ >>>> Keys Botzum >>>> Senior Principal Technologist >>>> [email protected] <mailto:[email protected]> >>>> 443-718-0098 >>>> MapR Technologies >>>> http://www.mapr.com <http://www.mapr.com/> >>>>> On Dec 7, 2015, at 10:04 AM, Niko Arvilommi <[email protected]> >> wrote: >>>>> >>>>> Hi >>>>> >>>>> Is it possible to secure the WEB UI and REST api with password or >> similiar methods. Shared keys or something ? >>>>> It seems to be too open if it not possible >>>>> >>>>> Best Niko Arvilommi >>>> >>> >> >>
