[
https://issues.apache.org/jira/browse/LIVY-894?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17636334#comment-17636334
]
Larry McCay commented on LIVY-894:
----------------------------------
[~bgajjela] - my earlier comment should have included "and you are willing and
able to provide a patch for this issue within the next couple weeks".
Are you signing up to provide this fix?
As this is not a regression and there are workarounds available such as having
access to Livy proxied by Apache Knox which can fill the LDAP and other
authentication roles, I don't see this as a critical issue to land in 0.8.0.
Again, if you plan to provide such a patch then we can certainly pull it back
in.
> Add secure authentication for livy when ldap is configured for authentication
> -----------------------------------------------------------------------------
>
> Key: LIVY-894
> URL: https://issues.apache.org/jira/browse/LIVY-894
> Project: Livy
> Issue Type: New Feature
> Components: API
> Affects Versions: 0.7.0
> Reporter: bharath kumar
> Priority: Critical
> Fix For: 0.8.0
>
>
> Hello,
> As i understand , livy authentication with ldap is not secured. Since
> authentication is BASIC and tls is disabled, livy would be susceptible to
> man-in-the-middle attacks. Can you please look in to this and provide a
> secure authentication mechanism for livy with ldap integration.
> Thanks
> Bharath
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
