[
https://issues.apache.org/jira/browse/HADOOP-7119?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12990659#comment-12990659
]
Allen Wittenauer commented on HADOOP-7119:
------------------------------------------
You have the answer yourself: if it is truly meant to be a generic framework,
it would be good to get some outside eyes on it before we build something based
on it. This way if there any changes that need to be made, they can be done
earlier rather than later.
The other thing to keep in mind is that I don't think any of us would
particularly qualify as a security expert. (In the case of the existent
Kerberos code in Hadoop, I know it was reviewed by the paranoids at Y!.)
> add Kerberos HTTP SPNEGO authentication support to Hadoop JT/NN/DN/TT
> web-consoles
> ----------------------------------------------------------------------------------
>
> Key: HADOOP-7119
> URL: https://issues.apache.org/jira/browse/HADOOP-7119
> Project: Hadoop Common
> Issue Type: New Feature
> Components: security
> Affects Versions: 0.23.0
> Environment: all
> Reporter: Alejandro Abdelnur
> Assignee: Alejandro Abdelnur
> Attachments: ha-common-01.patch, ha-common-02.patch, ha-commons.patch
>
>
> Currently the JT/NN/DN/TT web-consoles don't support any form of
> authentication.
> Hadoop RPC API already supports Kerberos authentication.
> Kerberos enables single sign-on.
> Popular browsers (Firefox and Internet Explorer) have support for Kerberos
> HTTP SPNEGO.
> Adding support for Kerberos HTTP SPNEGO to Hadoop web consoles would provide
> a unified authentication mechanism and single sign-on for Hadoop web UI and
> Hadoop RPC.
--
This message is automatically generated by JIRA.
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
