Varun Saxena commented on YARN-3053:

This will be taken care by TimelineClient in the same manner as is done for 
ATSv1 currently. Plan to reuse the available functionality
We will use kerberos auth + DT for secure access.

Look at DelegationTokenAuthenticatedURL and TimelineAuthenticationFilter 

bq. But If user has custom web authentication which always to provide username 
and password
Sorry didn't get you. You mean anything other than kerberos authentication ?

> [Security] Review and implement security in ATS v.2
> ---------------------------------------------------
>                 Key: YARN-3053
>                 URL: https://issues.apache.org/jira/browse/YARN-3053
>             Project: Hadoop YARN
>          Issue Type: Sub-task
>          Components: timelineserver
>            Reporter: Sangjin Lee
>            Assignee: Varun Saxena
>              Labels: YARN-5355
>         Attachments: ATSv2Authentication(draft).pdf
> Per design in YARN-2928, we want to evaluate and review the system for 
> security, and ensure proper security in the system.
> This includes proper authentication, token management, access control, and 
> any other relevant security aspects.

This message was sent by Atlassian JIRA

To unsubscribe, e-mail: yarn-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: yarn-issues-h...@hadoop.apache.org

Reply via email to