[
https://issues.apache.org/jira/browse/SENTRY-2102?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Vadim Spector updated SENTRY-2102:
----------------------------------
Description:
There is the implementation of HTTP server which is supposed to be the standard
for all Hadoop components implementing Web UIs:
https://github.com/apache/hadoop/blob/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java
It comes with built-in support of SSL, SPNEGO (Kerberos from browsers), plus
authorization - all configurable.
It comes with pre-configured servlets, such as Stack, LogLevel servlet,
Metrics, JMX, Configuration, all for free.
Sentry code is still using its own SentryWebServer.java implementation. Some of
Sentry's servlets are already supported in HttpServer2 (maybe even improved
versions of those).
In addition, HttpServer2 security features satisfy security demands of
commercial deployment, unlike our own Web UI, which security-conscious
customers may be reluctant to activate for good reasons.
Switching to HttpServer2 would be a major improvement of the Sentry product
(and less code to support).
was:
There is the implementation of HTTP server which is supposed to be the standard
for all Hadoop components implementing Web UIs:
https://github.com/apache/hadoop/blob/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java
It comes with built-in support of SSL, SPNEGO (Kerberos from browsers), plus
authorization - all configurable.
It comes with pre-configured servlets, such as Stack, LogLevel servlet,
Metrics, JMX, Configuration, all for free.
Sentry code is still using its own SentryWebServer.java implementation. ? Some
of Sentry's servlets are already supported in HttpServer2 (maybe even improved
versions of those).
In addition, HttpServer2 security features satisfy security demands of
commercial deployment, unlike our own Web UI, which security-conscious
customers may be reluctant to activate for good reasons.
Switching to HttpServer2 would be a major improvement of the Sentry product
(and less code to support).
> Switching to HttpServer2 for WebUI access
> -----------------------------------------
>
> Key: SENTRY-2102
> URL: https://issues.apache.org/jira/browse/SENTRY-2102
> Project: Sentry
> Issue Type: Improvement
> Reporter: Vadim Spector
>
> There is the implementation of HTTP server which is supposed to be the
> standard for all Hadoop components implementing Web UIs:
> https://github.com/apache/hadoop/blob/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java
> It comes with built-in support of SSL, SPNEGO (Kerberos from browsers), plus
> authorization - all configurable.
> It comes with pre-configured servlets, such as Stack, LogLevel servlet,
> Metrics, JMX, Configuration, all for free.
> Sentry code is still using its own SentryWebServer.java implementation. Some
> of Sentry's servlets are already supported in HttpServer2 (maybe even
> improved versions of those).
> In addition, HttpServer2 security features satisfy security demands of
> commercial deployment, unlike our own Web UI, which security-conscious
> customers may be reluctant to activate for good reasons.
> Switching to HttpServer2 would be a major improvement of the Sentry product
> (and less code to support).
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
