Ahh I see. That explains that. Will it only be included in Drill 1.5 and greater? That seems a ways out... it's a great feature :)
On Mon, Dec 7, 2015 at 1:55 PM, Kristine Hahn <[email protected]> wrote: > Drill on MapR has the features you're describing: > > http://doc.mapr.com/display/MapR/Configuring+Web+Console+and+REST+API+Security > . > The differences between the open source and MapR versions are listed on > http://doc.mapr.com/display/components/Drill+1.2.0+Release+Notes. > > The web security feature was designed to be included in the open source > version and is now be reviewed for inclusion: > https://issues.apache.org/jira/browse/DRILL-3201 > > Kristine Hahn > Sr. Technical Writer > 415-497-8107 @krishahn skype:krishahn > > > On Mon, Dec 7, 2015 at 11:16 AM, John Omernik <[email protected]> wrote: > > > This is really odd to me. I have 1.3 (Compiled by MapR) running on my > > cluster right now. I added libjpam.so to my java.library.path, and I > have > > ldap configured on the nodes in pam. When I hit the Web UI (via HTTPS, > > HTTP is disabled) I get prompt for user name and the authentication goes > > against the pam on the system, allowing me in. Only the user running the > > drill bits has "admin" functions in Drill, other users only see a subset > of > > tabs (Query, Profiles, Metrics) (the Drillbit user has Query, profiles, > > storage, metrics, and threads). > > > > This is also true with the RestAPI. I have to authenticate to use it at > > this point. I just do forms authentication using the python requests > > module. (I feel like it should accept basic auth over SSL for API good > > ness, but my hack works) > > > > Thus, I feel like it's been secured fairly well (SSL, Authentication, > Users > > etc). So I do not understand why DRILL-3201 says 1.5, and while it's > > stated that Web Authentication is not available yet... > > > > > > > > > > > > On Mon, Dec 7, 2015 at 11:13 AM, Andries Engelbrecht < > > [email protected]> wrote: > > > > > This topic came up a while ago and there was a bit of confusion. > > > > > > See the discussion thread here for more info. > > > > > > > > > http://search-hadoop.com/m/qRVAXir9Do1qHni72&subj=How+to+setup+user+authentication+for+the+WebUI+ > > > < > > > > > > http://search-hadoop.com/m/qRVAXir9Do1qHni72&subj=How+to+setup+user+authentication+for+the+WebUI+ > > > > > > > > > > Sudheesh listed the JIRA to track it. > > > > > > --Andries > > > > > > > > > > > > > On Dec 7, 2015, at 8:32 AM, Sudheesh Katkam <[email protected]> > > > wrote: > > > > > > > > Hi Niko, > > > > > > > > Web authentication is not available yet; DRILL-3201 < > > > https://issues.apache.org/jira/browse/DRILL-3201> is being reviewed. > The > > > doc pages are ahead. > > > > > > > > Thank you, > > > > Sudheesh > > > > > > > >> On Dec 7, 2015, at 7:06 AM, Keys Botzum <[email protected]> > wrote: > > > >> > > > >> I think this answers your question (the answer is yes according to > the > > > docs): > > > >> > > > >> > > > > > > https://drill.apache.org/docs/configuring-web-console-and-rest-api-security/ > > > < > > > > > > https://drill.apache.org/docs/configuring-web-console-and-rest-api-security/ > > > > > > > >> > > > >> Keys > > > >> _______________________________ > > > >> Keys Botzum > > > >> Senior Principal Technologist > > > >> [email protected] <mailto:[email protected]> > > > >> 443-718-0098 > > > >> MapR Technologies > > > >> http://www.mapr.com <http://www.mapr.com/> > > > >>> On Dec 7, 2015, at 10:04 AM, Niko Arvilommi <[email protected]> > > > wrote: > > > >>> > > > >>> Hi > > > >>> > > > >>> Is it possible to secure the WEB UI and REST api with password or > > > similiar methods. Shared keys or something ? > > > >>> It seems to be too open if it not possible > > > >>> > > > >>> Best Niko Arvilommi > > > >> > > > > > > > > > > > > >
