[ https://issues.apache.org/jira/browse/LIVY-894?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17636334#comment-17636334 ]
Larry McCay commented on LIVY-894: ---------------------------------- [~bgajjela] - my earlier comment should have included "and you are willing and able to provide a patch for this issue within the next couple weeks". Are you signing up to provide this fix? As this is not a regression and there are workarounds available such as having access to Livy proxied by Apache Knox which can fill the LDAP and other authentication roles, I don't see this as a critical issue to land in 0.8.0. Again, if you plan to provide such a patch then we can certainly pull it back in. > Add secure authentication for livy when ldap is configured for authentication > ----------------------------------------------------------------------------- > > Key: LIVY-894 > URL: https://issues.apache.org/jira/browse/LIVY-894 > Project: Livy > Issue Type: New Feature > Components: API > Affects Versions: 0.7.0 > Reporter: bharath kumar > Priority: Critical > Fix For: 0.8.0 > > > Hello, > As i understand , livy authentication with ldap is not secured. Since > authentication is BASIC and tls is disabled, livy would be susceptible to > man-in-the-middle attacks. Can you please look in to this and provide a > secure authentication mechanism for livy with ldap integration. > Thanks > Bharath -- This message was sent by Atlassian Jira (v8.20.10#820010)