Rohith Sharma K S commented on YARN-3053:

I have basic question on ATSv2 security model. ATSv2 claims that all the 
communication is based on REST end points. How does it solve custom web 
authentication issue invoked from CLI commands? Let say, in YARN 
ApplicationClientProtocol is RPC based API and ApplicationCLI make use of 
getting the reports and other stuff. This was secured communication by doing 
kinit . 

Now, If same ApplicationCLI want to get application report from ATSv2, then 
expected to invoke REST call to ATSv2 for application report. But If user has 
custom web authentication which always to provide username and password then 
how does ATSv2 guarantee security for this?

> [Security] Review and implement security in ATS v.2
> ---------------------------------------------------
>                 Key: YARN-3053
>                 URL: https://issues.apache.org/jira/browse/YARN-3053
>             Project: Hadoop YARN
>          Issue Type: Sub-task
>          Components: timelineserver
>            Reporter: Sangjin Lee
>            Assignee: Varun Saxena
>              Labels: YARN-5355
>         Attachments: ATSv2Authentication(draft).pdf
> Per design in YARN-2928, we want to evaluate and review the system for 
> security, and ensure proper security in the system.
> This includes proper authentication, token management, access control, and 
> any other relevant security aspects.

This message was sent by Atlassian JIRA

To unsubscribe, e-mail: yarn-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: yarn-issues-h...@hadoop.apache.org

Reply via email to