Github user EronWright commented on the issue: https://github.com/apache/flink/pull/2425 @StephanEwen keep in mind that Flink's current SSL support in Flink doesn't achieve _mutual authentication_ - there's no client certificate there. With SSL enabled, an untrusted client can launch jobs in your Flink cluster and thus gain access to the Kerberos credential associated with the cluster. SSL mutual authentication is a good alternative to a shared secret, but at the time we were limited to built-in Akka functionality (which doesn't include mutual auth). Given the "flakka" fork that's now in place, a pure SSL solution might now be possible (I haven't thought it through completely). The fact remains that, today, _all the secrets known to a Flink job are exposed to everyone who can connect to the cluster's endpoint_. It would be nice to construct a holistic plan that worked out how the Web UI would support authentication and also incorporated FLIP-6. Both YARN and Mesos interpose a web proxy for the UI with its own limitations, notably no support for SSL mutual auth.
--- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---