[ https://issues.apache.org/jira/browse/HDFS-14570?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16867675#comment-16867675 ]
Kihwal Lee commented on HDFS-14570: ----------------------------------- As another workaround, one can build a simple filter that rejects any access to path starting with {{/webhdfs}}. The filter can be configured in {{hadoop.http.filter.initializers}}. You can also block or add a simple authorization for accessing any default servlet pages such as conf, stacks and jmx, without enabling security. > Bring back ability to totally disable webhdfs by bringing dfs.webhdfs.enabled > property back into the hdfs-site.xml > ------------------------------------------------------------------------------------------------------------------ > > Key: HDFS-14570 > URL: https://issues.apache.org/jira/browse/HDFS-14570 > Project: Hadoop HDFS > Issue Type: Wish > Components: webhdfs > Affects Versions: 3.0.0, 3.1.0, 3.0.1, 3.0.2, 3.2.0, 3.1.1, 3.0.3, 3.1.2 > Reporter: Scott A. Wehner > Priority: Major > Labels: webhdfs > Original Estimate: 6h > Remaining Estimate: 6h > > We don't want to enable security for viewing namenode http page, but we don't > want people to be able to modify the contents of hdfs through anonymous > access to the namenode page. in Hadoop 3 we lost the ability to totally > disable webhdfs. want to bring this back, doesn't seem to hard to do, but > makes it important in our environment. -- This message was sent by Atlassian JIRA (v7.6.3#76005) --------------------------------------------------------------------- To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org