[
https://issues.apache.org/jira/browse/HDFS-14570?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16867675#comment-16867675
]
Kihwal Lee commented on HDFS-14570:
-----------------------------------
As another workaround, one can build a simple filter that rejects any access to
path starting with {{/webhdfs}}. The filter can be configured in
{{hadoop.http.filter.initializers}}. You can also block or add a simple
authorization for accessing any default servlet pages such as conf, stacks and
jmx, without enabling security.
> Bring back ability to totally disable webhdfs by bringing dfs.webhdfs.enabled
> property back into the hdfs-site.xml
> ------------------------------------------------------------------------------------------------------------------
>
> Key: HDFS-14570
> URL: https://issues.apache.org/jira/browse/HDFS-14570
> Project: Hadoop HDFS
> Issue Type: Wish
> Components: webhdfs
> Affects Versions: 3.0.0, 3.1.0, 3.0.1, 3.0.2, 3.2.0, 3.1.1, 3.0.3, 3.1.2
> Reporter: Scott A. Wehner
> Priority: Major
> Labels: webhdfs
> Original Estimate: 6h
> Remaining Estimate: 6h
>
> We don't want to enable security for viewing namenode http page, but we don't
> want people to be able to modify the contents of hdfs through anonymous
> access to the namenode page. in Hadoop 3 we lost the ability to totally
> disable webhdfs. want to bring this back, doesn't seem to hard to do, but
> makes it important in our environment.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
