[
https://issues.apache.org/jira/browse/YARN-7882?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sunil Govindan updated YARN-7882:
---------------------------------
Target Version/s: 3.3.0 (was: 3.2.0)
Bulk update: moved all 3.2.0 non-blocker issues, please move back if it is a
blocker.
> Server side proxy for UI2 log viewer
> ------------------------------------
>
> Key: YARN-7882
> URL: https://issues.apache.org/jira/browse/YARN-7882
> Project: Hadoop YARN
> Issue Type: Bug
> Components: security, timelineserver, yarn-ui-v2
> Affects Versions: 3.0.0
> Reporter: Eric Yang
> Priority: Major
>
> When viewing container logs in UI2, the log files are directly fetched
> through timeline server 2. Hadoop in simple security mode does not have
> authenticator to make sure the user is authorized to view the log. The
> general practice is to use knox or other security proxy to authenticate the
> user and reserve proxy the request to Hadoop UI to ensure the information
> does not leak through anonymous user. The current implementation of UI2 log
> viewer uses ajax code to timeline server 2. This could prevent knox or
> reverse proxy software from working properly with the new design. It would
> be good to perform server side proxy to prevent browser from side step the
> authentication check.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
