[
https://issues.apache.org/jira/browse/STORM-78?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13866215#comment-13866215
]
Jon logan commented on STORM-78:
--------------------------------
This brings up all sorts of inconvenient issues. If you are unable to trust
your users on your network, what about DRPC calls? Should those also be
protected? What about using the Storm-CLI? Shouldn't those also be protected?
> Storm UI Needs HTTP Auth
> ------------------------
>
> Key: STORM-78
> URL: https://issues.apache.org/jira/browse/STORM-78
> Project: Apache Storm (Incubating)
> Issue Type: Improvement
> Reporter: James Xu
>
> https://github.com/nathanmarz/storm/issues/452
> When we start storm ui, any one can access it by ip / port. It would be good
> if there is a HTTP Auth for basic security.
> ----------
> Jagaran: We are also implementing Storm for one of our Client.
> We also need to secure HTTP based Storm UI ? Any updates or future road map
> for implementing this Security ??
> ----------
> Jargaran: I can also contribute to this part in Storm ? let me know the steps
> ----------
> lockwobr: I would also really find the feature useful. when you are in cloud
> you can't just let this kind of thing hanging in the wind.
> ----------
> tvpavan: @Jagaran Do you have a fork which has this fix ?
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)
