git commit: SPARK-1890 and SPARK-1891- add admin and modify acls

2014-08-05 Thread tgraves
Repository: spark
Updated Branches:
  refs/heads/master 2c0f705e2 -> 1ca23


SPARK-1890 and SPARK-1891- add admin and modify acls

It was easier to combine these 2 jira since they touch many of the same places. 
 This pr adds the following:

- adds modify acls
- adds admin acls (list of admins/users that get added to both view and modify 
acls)
- modify Kill button on UI to take modify acls into account
- changes config name of spark.ui.acls.enable to spark.acls.enable since I 
chose poorly in original name. We keep backwards compatibility so people can 
still use spark.ui.acls.enable. The acls should apply to any web ui as well as 
any CLI interfaces.
- send view and modify acls information on to YARN so that YARN interfaces can 
use (yarn cli for killing applications for example).

Author: Thomas Graves 

Closes #1196 from tgravescs/SPARK-1890 and squashes the following commits:

8292eb1 [Thomas Graves] review comments
b92ec89 [Thomas Graves] remove unneeded variable from applistener
4c765f4 [Thomas Graves] Add in admin acls
72eb0ac [Thomas Graves] Add modify acls


Project: http://git-wip-us.apache.org/repos/asf/spark/repo
Commit: http://git-wip-us.apache.org/repos/asf/spark/commit/1ca2
Tree: http://git-wip-us.apache.org/repos/asf/spark/tree/1ca2
Diff: http://git-wip-us.apache.org/repos/asf/spark/diff/1ca2

Branch: refs/heads/master
Commit: 1ca23d3aa40423d658cfbf2c956ad415a6b1
Parents: 2c0f705
Author: Thomas Graves 
Authored: Tue Aug 5 12:52:52 2014 -0500
Committer: Thomas Graves 
Committed: Tue Aug 5 12:52:52 2014 -0500

--
 .../org/apache/spark/SecurityManager.scala  | 107 ---
 .../deploy/history/FsHistoryProvider.scala  |   4 +-
 .../scheduler/ApplicationEventListener.scala|   4 +-
 .../apache/spark/ui/jobs/JobProgressTab.scala   |   2 +-
 .../org/apache/spark/SecurityManagerSuite.scala |  83 --
 docs/configuration.md   |  27 -
 docs/security.md|   7 +-
 .../apache/spark/deploy/yarn/ClientBase.scala   |   9 +-
 8 files changed, 206 insertions(+), 37 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/spark/blob/1ca2/core/src/main/scala/org/apache/spark/SecurityManager.scala
--
diff --git a/core/src/main/scala/org/apache/spark/SecurityManager.scala 
b/core/src/main/scala/org/apache/spark/SecurityManager.scala
index 74aa441..25c2c9f 100644
--- a/core/src/main/scala/org/apache/spark/SecurityManager.scala
+++ b/core/src/main/scala/org/apache/spark/SecurityManager.scala
@@ -41,10 +41,19 @@ import org.apache.spark.deploy.SparkHadoopUtil
  * secure the UI if it has data that other users should not be allowed to see. 
The javax
  * servlet filter specified by the user can authenticate the user and then 
once the user
  * is logged in, Spark can compare that user versus the view acls to make sure 
they are
- * authorized to view the UI. The configs 'spark.ui.acls.enable' and 
'spark.ui.view.acls'
+ * authorized to view the UI. The configs 'spark.acls.enable' and 
'spark.ui.view.acls'
  * control the behavior of the acls. Note that the person who started the 
application
  * always has view access to the UI.
  *
+ * Spark has a set of modify acls (`spark.modify.acls`) that controls which 
users have permission
+ * to  modify a single application. This would include things like killing the 
application. By
+ * default the person who started the application has modify access. For 
modify access through
+ * the UI, you must have a filter that does authentication in place for the 
modify acls to work
+ * properly.
+ *
+ * Spark also has a set of admin acls (`spark.admin.acls`) which is a set of 
users/administrators
+ * who always have permission to view or modify the Spark application.
+ *
  * Spark does not currently support encryption after authentication.
  *
  * At this point spark has multiple communication protocols that need to be 
secured and
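
Review bot: The rewritten sentence in the class comment now names only 'spark.acls.enable' as the switch for the acls, so a reader whose 1.0 configuration still sets 'spark.ui.acls.enable' cannot tell from this doc that the old key is still honoured. Suggest adding a clause such as "('spark.ui.acls.enable' is still accepted for backwards compatibility)" to that sentence. The added paragraph also has a double space in "to  modify".
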
@@ -137,18 +146,32 @@ private[spark] class SecurityManager(sparkConf: 
SparkConf) extends Logging {
   private val sparkSecretLookupKey = "sparkCookie"
 
   private val authOn = sparkConf.getBoolean("spark.authenticate", false)
-  private var uiAclsOn = sparkConf.getBoolean("spark.ui.acls.enable", false)
+  // keep spark.ui.acls.enable for backwards compatibility with 1.0
+  private var aclsOn = sparkConf.getOption("spark.acls.enable").getOrElse(
+sparkConf.get("spark.ui.acls.enable", "false")).toBoolean
+
+  // admin acls should be set before view or modify acls
+  private var adminAcls: Set[String] =
+stringToSet(sparkConf.get("spark.admin.acls", ""))
 
   private var viewAcls: Set[String] = _
+
+  // list of users who have permission to modify the application. This should
+  // apply to both UI and CLI for things like killing th
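
Review bot: In the new aclsOn initializer, 'spark.acls.enable' silently takes precedence over 'spark.ui.acls.enable' whenever both are set, so a deployment that still carries spark.ui.acls.enable=true next to spark.acls.enable=false ends up with acls off and no indication why. Suggest logging a warning when the old key is present (the class already extends Logging) and stating the precedence in the comment above the field, which currently only says the old key is kept for compatibility.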

git commit: SPARK-1890 and SPARK-1891- add admin and modify acls

2014-08-05 Thread tgraves
Repository: spark
Updated Branches:
  refs/heads/branch-1.1 6c0c65fc8 -> e3fe6571d


SPARK-1890 and SPARK-1891- add admin and modify acls

It was easier to combine these 2 jira since they touch many of the same places. 
 This pr adds the following:

- adds modify acls
- adds admin acls (list of admins/users that get added to both view and modify 
acls)
- modify Kill button on UI to take modify acls into account
- changes config name of spark.ui.acls.enable to spark.acls.enable since I 
chose poorly in original name. We keep backwards compatibility so people can 
still use spark.ui.acls.enable. The acls should apply to any web ui as well as 
any CLI interfaces.
- send view and modify acls information on to YARN so that YARN interfaces can 
use (yarn cli for killing applications for example).

Author: Thomas Graves 

Closes #1196 from tgravescs/SPARK-1890 and squashes the following commits:

8292eb1 [Thomas Graves] review comments
b92ec89 [Thomas Graves] remove unneeded variable from applistener
4c765f4 [Thomas Graves] Add in admin acls
72eb0ac [Thomas Graves] Add modify acls

(cherry picked from commit 1ca23d3aa40423d658cfbf2c956ad415a6b1)
Signed-off-by: Thomas Graves 


Project: http://git-wip-us.apache.org/repos/asf/spark/repo
Commit: http://git-wip-us.apache.org/repos/asf/spark/commit/e3fe6571
Tree: http://git-wip-us.apache.org/repos/asf/spark/tree/e3fe6571
Diff: http://git-wip-us.apache.org/repos/asf/spark/diff/e3fe6571

Branch: refs/heads/branch-1.1
Commit: e3fe6571decfdc406ec6d505fd92f9f2b85a618c
Parents: 6c0c65f
Author: Thomas Graves 
Authored: Tue Aug 5 12:52:52 2014 -0500
Committer: Thomas Graves 
Committed: Tue Aug 5 12:53:05 2014 -0500

--
 .../org/apache/spark/SecurityManager.scala  | 107 ---
 .../deploy/history/FsHistoryProvider.scala  |   4 +-
 .../scheduler/ApplicationEventListener.scala|   4 +-
 .../apache/spark/ui/jobs/JobProgressTab.scala   |   2 +-
 .../org/apache/spark/SecurityManagerSuite.scala |  83 --
 docs/configuration.md   |  27 -
 docs/security.md|   7 +-
 .../apache/spark/deploy/yarn/ClientBase.scala   |   9 +-
 8 files changed, 206 insertions(+), 37 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/spark/blob/e3fe6571/core/src/main/scala/org/apache/spark/SecurityManager.scala
--
diff --git a/core/src/main/scala/org/apache/spark/SecurityManager.scala 
b/core/src/main/scala/org/apache/spark/SecurityManager.scala
index 74aa441..25c2c9f 100644
--- a/core/src/main/scala/org/apache/spark/SecurityManager.scala
+++ b/core/src/main/scala/org/apache/spark/SecurityManager.scala
@@ -41,10 +41,19 @@ import org.apache.spark.deploy.SparkHadoopUtil
  * secure the UI if it has data that other users should not be allowed to see. 
The javax
  * servlet filter specified by the user can authenticate the user and then 
once the user
  * is logged in, Spark can compare that user versus the view acls to make sure 
they are
- * authorized to view the UI. The configs 'spark.ui.acls.enable' and 
'spark.ui.view.acls'
+ * authorized to view the UI. The configs 'spark.acls.enable' and 
'spark.ui.view.acls'
  * control the behavior of the acls. Note that the person who started the 
application
  * always has view access to the UI.
  *
+ * Spark has a set of modify acls (`spark.modify.acls`) that controls which 
users have permission
+ * to  modify a single application. This would include things like killing the 
application. By
+ * default the person who started the application has modify access. For 
modify access through
+ * the UI, you must have a filter that does authentication in place for the 
modify acls to work
+ * properly.
+ *
+ * Spark also has a set of admin acls (`spark.admin.acls`) which is a set of 
users/administrators
+ * who always have permission to view or modify the Spark application.
+ *
  * Spark does not currently support encryption after authentication.
  *
  * At this point spark has multiple communication protocols that need to be 
secured and
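
Review bot: The added modify-acls paragraph says a filter that does authentication must be in place "for the modify acls to work properly", but it does not say what happens when acls are enabled and no such filter is configured, which is the case an operator most needs spelled out. Please state whether modify requests from the UI are refused or allowed in that situation. Separately, the new keys are `spark.modify.acls` and `spark.admin.acls` while the view list stays 'spark.ui.view.acls'; since the commit message says the acls apply to CLI interfaces as well as web UIs, a sentence on why the view key keeps the `ui` prefix would avoid confusion.
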
@@ -137,18 +146,32 @@ private[spark] class SecurityManager(sparkConf: 
SparkConf) extends Logging {
   private val sparkSecretLookupKey = "sparkCookie"
 
   private val authOn = sparkConf.getBoolean("spark.authenticate", false)
-  private var uiAclsOn = sparkConf.getBoolean("spark.ui.acls.enable", false)
+  // keep spark.ui.acls.enable for backwards compatibility with 1.0
+  private var aclsOn = sparkConf.getOption("spark.acls.enable").getOrElse(
+sparkConf.get("spark.ui.acls.enable", "false")).toBoolean
+
+  // admin acls should be set before view or modify acls
+  private var adminAcls: Set[String] =
+stringToSet(sparkConf.get("spark.admin.acls", ""))
 
   private var viewAcls: Set[String] = _
+
+  // list of users who have
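
Review bot: The comment "admin acls should be set before view or modify acls" on the new adminAcls field records an ordering dependency that nothing in these lines enforces, so a later reordering of the declarations or an update applied in the wrong order could leave the view and modify sets without the admins. Suggest expanding the comment to name the code that relies on this order, or combining the admin set with the view and modify sets at the point where permissions are checked so the order stops mattering. If adminAcls is never reassigned after construction, it can be a val rather than a var.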