[
https://issues.apache.org/jira/browse/YARN-6638?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16042279#comment-16042279
]
Rohith Sharma K S commented on YARN-6638:
-----------------------------------------
bq. I had thought, for reader, merely Kerberos authentication should be
enough. So an authentication filter should also be enough.
this would lead every HTTP request is authenticated with kerberos which will
impact delay in response time. As you said, as of now we can go ahead with it,
but this one would need to address it. How about reusing reusing RM timeline
APIs for reader server? But one potential issue I see is reader server can be
any number deployed in cluster, so RM will issue token to which reader server!?
Is there any JIRA for reader server DT implementation? If no, lets raise and
discuss this point over there.
> [Security] Timeline reader side changes for loading auth filters and
> principals
> -------------------------------------------------------------------------------
>
> Key: YARN-6638
> URL: https://issues.apache.org/jira/browse/YARN-6638
> Project: Hadoop YARN
> Issue Type: Sub-task
> Components: timelineserver
> Reporter: Varun Saxena
> Assignee: Varun Saxena
> Attachments: YARN-6638-YARN-5355.01.patch
>
>
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
---------------------------------------------------------------------
To unsubscribe, e-mail: yarn-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: yarn-issues-h...@hadoop.apache.org
