[
https://issues.apache.org/jira/browse/FALCON-1027?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14728640#comment-14728640
]
Ajay Yadava commented on FALCON-1027:
-------------------------------------
Hi [~jbecicka2]
Currently release 0.7 is already under vote. We haven't yet decided what next
release will be(0.7.1/0.8/1.0) but we are targeting/hoping it in another 4-6
weeks from 0.7. This will be committed soon to trunk (as Sowmya has mentioned)
and will be part of next release whichever that is. Hope it helps.
> Falcon REST API trusted proxy support
> -------------------------------------
>
> Key: FALCON-1027
> URL: https://issues.apache.org/jira/browse/FALCON-1027
> Project: Falcon
> Issue Type: New Feature
> Affects Versions: 0.7
> Reporter: kenneth ho
> Assignee: Sowmya Ramesh
> Fix For: trunk
>
> Attachments: ApacheFalcon-Proxyusersupport.pdf, FALCON-1027.v0.patch,
> FALCON-1027.v1.patch, FALCON-1027.v2.patch
>
>
> In order for Falcon REST API to work securely via the Knox gateway it must be
> possible to setup a trust relationship between Knox and Falcon. This is
> commonly done in other Hadoop ecosystem components using a combination of
> Kerberos/SPNego and a doas URL query parameter. This provides a mechanism for
> Falcon to strongly authenticate Knox as a trusted proxy, ensuring that it can
> trust the identity assertions made via the doas query parameter. The links
> below provide some information describing how this is done for core Hadoop.
> Also note that most components utilize Hadoop core's reusable hadoop-auth
> module to implement this functionality.
> http://hadoop.apache.org/docs/stable/hadoop-project-dist/hadoop-hdfs/WebHDFS.html#Proxy_Users
> http://hadoop.apache.org/docs/stable/hadoop-project-dist/hadoop-common/SecureMode.html#Proxy_user
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
