[ https://issues.apache.org/jira/browse/HDFS-3801?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13509374#comment-13509374 ]

Andy Isaacson commented on HDFS-3801:
-------------------------------------

bq. There's been a general need to disable UI access

With current Hadoop, without Kerberos, the only practical way to prevent unauthorized access is to firewall or otherwise prevent untrusted clients from connecting to the HTTP port of the NN and DN. Once a client app can connect to the DN+NN HTTP ports of a non-Kerberos Hadoop cluster, the client has full access to the cluster, as demonstrated by the filesystem browsing feature.

As far as I can see, this patch tries to hide that security configuration problem by making it slightly less visible that the cluster is wide open. I think this is the wrong direction for us to be going, unless there's a credible plan for making such a "minimum security" mode into a real feature that covers all the bases. Such a mode could be quite useful as a less-invasive substitute for the existing Kerberos security, but it's a pretty large undertaking. (For example -- and this is just a 30 second strawman sketch -- there could be a shared secret across all the Hadoop components that is sent with every request, to "authenticate" that the request comes from someone who knows the secret.)

> Provide a way to disable browsing of files from the web UI
> ----------------------------------------------------------
>
>                 Key: HDFS-3801
>                 URL: https://issues.apache.org/jira/browse/HDFS-3801
>             Project: Hadoop HDFS
>          Issue Type: Improvement
>          Components: namenode
>    Affects Versions: 2.0.0-alpha
>            Reporter: Harsh J
>            Assignee: Harsh J
>            Priority: Minor
>         Attachments: HDFS-3801.patch
>
>
> A few times we've had requests from users who wish to disable browsing of the
> filesystem in the web UI completely, while keeping other servlet
> functionality enabled (such as fsck, etc.). Right now, the cheap way to do
> this is by blocking out the DN web port (50075) from access by clients, but
> that also hampers HFTP transfers.
> We should instead provide a toggle config for the JSPs to use and disallow
> browsing if the toggle's enabled. The config can be true by default, to not
> change the behavior.
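
Added example, not part of the JIRA comment or of Hadoop's own code: a small configuration audit that flags the situation described in the comment above, a non-Kerberos cluster whose NN/DN HTTP ports accept connections. The sample XML is constructed, the function names are hypothetical, and the fallback values are assumed to be the Hadoop 2.x defaults (the page itself only names port 50075).

```python
import xml.etree.ElementTree as ET

# Constructed sample configuration (not taken from the issue).
CORE_SITE = """<configuration>
  <property><name>hadoop.security.authentication</name><value>simple</value></property>
</configuration>"""
HDFS_SITE = """<configuration>
  <property><name>dfs.namenode.http-address</name><value>0.0.0.0:50070</value></property>
  <property><name>dfs.datanode.http.address</name><value>10.0.0.5:50075</value></property>
</configuration>"""

# Assumed Hadoop 2.x defaults, used when a property is absent from the files.
DEFAULTS = {
    "hadoop.security.authentication": "simple",
    "dfs.namenode.http-address": "0.0.0.0:50070",
    "dfs.datanode.http.address": "0.0.0.0:50075",
}
HTTP_KEYS = ("dfs.namenode.http-address", "dfs.datanode.http.address")
WILDCARD_HOSTS = ("0.0.0.0", "::", "[::]", "")


def load_properties(*xml_docs):
    """Merge <property> entries from *-site.xml documents over the defaults."""
    props = dict(DEFAULTS)
    for doc in xml_docs:
        for prop in ET.fromstring(doc).iter("property"):
            name = (prop.findtext("name") or "").strip()
            if name:
                props[name] = (prop.findtext("value") or "").strip()
    return props


def audit(props):
    """Return one finding per HTTP endpoint that relies on network filtering alone."""
    if props["hadoop.security.authentication"].lower() == "kerberos":
        return []  # Kerberos enabled: outside the case discussed in the comment
    findings = []
    for key in HTTP_KEYS:
        host, _, port = props[key].rpartition(":")
        if host in WILDCARD_HOSTS:
            findings.append(f"{key}={props[key]}: no authentication and port "
                            f"{port} listens on all interfaces; firewall it")
        else:
            findings.append(f"{key}={props[key]}: no authentication; confirm "
                            f"only trusted clients can reach {host}:{port}")
    return findings


if __name__ == "__main__":
    for finding in audit(load_properties(CORE_SITE, HDFS_SITE)):
        print(finding)
```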