[ 
https://issues.apache.org/jira/browse/SPARK-20982?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16037994#comment-16037994
 ] 

Saisai Shao commented on SPARK-20982:
-------------------------------------

Thanks a lot [~vanzin] for your response. Though this {{RestSubmissionServer}} 
uses Jetty to start a {{Server}}, but it doesn't leverage 
{{JettyUtils#startJettyServer}} to start a {{Server}}, instead it has its own 
code {{RestSubmissionServer#doStart}}, so from the code side it doesn't honor 
existing {{SSLOptions}} configurations. So I think it would be good to unify 
the code here and support SSL.

> Consider adding SSL support for Spark REST submission server and client
> -----------------------------------------------------------------------
>
>                 Key: SPARK-20982
>                 URL: https://issues.apache.org/jira/browse/SPARK-20982
>             Project: Spark
>          Issue Type: Improvement
>          Components: Spark Submit
>    Affects Versions: 2.2.0
>            Reporter: Saisai Shao
>            Priority: Minor
>
> Currently all the Spark's http connection is secured by SSL except REST 
> submission client and server used in Standalone and Mesos cluster mode. This 
> could potentially be a security hole when running in a fully secured 
> environment. Though this REST client and server are not public, only used by 
> {{SparkSubmit}} internally, since it opened a http connection, so user could 
> still use it bypass {{SparkSubmit}}.
> So here proposed to SSL support for {{RestSubmissionClient}} and 
> {{RestSubmissionServer}}.
> CC [~tgraves] [~vanzin], what's your opinion on this? Would be grateful to 
> see your comments.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@spark.apache.org
For additional commands, e-mail: issues-h...@spark.apache.org

Reply via email to