[jira] [Comment Edited] (SPARK-2750) Add Https support for Web UI

Thu, 16 Oct 2014 10:37:09 -0700 

    [ 
https://issues.apache.org/jira/browse/SPARK-2750?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14174003#comment-14174003
 ] 

Marcelo Vanzin edited comment on SPARK-2750 at 10/16/14 5:35 PM:
-----------------------------------------------------------------

FYI, any PR here should make sure the default configuration is safe against the 
"POODLE" attack (https://access.redhat.com/security/cve/CVE-2014-3566). Here's 
something for Jetty:

http://stackoverflow.com/questions/26382540/how-to-disable-the-sslv3-protocol-in-jetty-to-prevent-poodle-attack


was (Author: vanzin):
FYI, any PR here should make sure the default configuration is save against the 
"POODLE" attack (https://access.redhat.com/security/cve/CVE-2014-3566). Here's 
something for Jetty:

http://stackoverflow.com/questions/26382540/how-to-disable-the-sslv3-protocol-in-jetty-to-prevent-poodle-attack

> Add Https support for Web UI
> ----------------------------
>
>                 Key: SPARK-2750
>                 URL: https://issues.apache.org/jira/browse/SPARK-2750
>             Project: Spark
>          Issue Type: New Feature
>          Components: Web UI
>            Reporter: WangTaoTheTonic
>              Labels: https, ssl, webui
>             Fix For: 1.0.3
>
>   Original Estimate: 96h
>  Remaining Estimate: 96h
>
> Now I try to add https support for web ui using Jetty ssl integration.Below 
> is the plan:
> 1.Web UI include Master UI, Worker UI, HistoryServer UI and Spark Ui. User 
> can switch between https and http by configure "spark.http.policy" in JVM 
> property for each process, while choose http by default.
> 2.Web port of Master and worker would be decided in order of launch 
> arguments, JVM property, System Env and default port.
> 3.Below is some other configuration items:
> spark.ssl.server.keystore.location The file or URL of the SSL Key store
> spark.ssl.server.keystore.password  The password for the key store
> spark.ssl.server.keystore.keypassword The password (if any) for the specific 
> key within the key store
> spark.ssl.server.keystore.type The type of the key store (default "JKS")
> spark.client.https.need-auth True if SSL needs client authentication
> spark.ssl.server.truststore.location The file name or URL of the trust store 
> location
> spark.ssl.server.truststore.password The password for the trust store
> spark.ssl.server.truststore.type The type of the trust store (default "JKS")
> Any feedback is welcome!



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@spark.apache.org
For additional commands, e-mail: issues-h...@spark.apache.org

Reply via email to