Eric Yang created YARN-7882:
-------------------------------
Summary: Server side proxy for UI2 log viewer
Key: YARN-7882
URL: https://issues.apache.org/jira/browse/YARN-7882
Project: Hadoop YARN
Issue Type: Bug
Components: security, timelineserver, yarn-ui-v2
Affects Versions: 3.0.0
Reporter: Eric Yang
When viewing container logs in UI2, the log files are directly fetched through
timeline server 2. Hadoop in simple security mode does not have authenticator
to make sure the user is authorized to view the log. The general practice is
to use knox or other security proxy to authenticate the user and reserve proxy
the request to Hadoop UI to ensure the information does not leak through
anonymous user. The current implementation of UI2 log viewer uses ajax code to
timeline server 2. This could prevent knox or reverse proxy software from
working properly with the new design. It would be good to perform server side
proxy to prevent browser from side step the authentication check.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: yarn-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: yarn-issues-h...@hadoop.apache.org
