[jira] [Commented] (HDFS-3801) Provide a way to disable browsing of files from the web UI
[ https://issues.apache.org/jira/browse/HDFS-3801?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13562474#comment-13562474 ] Suresh Srinivas commented on HDFS-3801: --- Based on the discussions so far, looks like this jira could be closed? > Provide a way to disable browsing of files from the web UI > -- > > Key: HDFS-3801 > URL: https://issues.apache.org/jira/browse/HDFS-3801 > Project: Hadoop HDFS > Issue Type: Improvement > Components: namenode >Affects Versions: 2.0.0-alpha >Reporter: Harsh J >Assignee: Harsh J >Priority: Minor > Attachments: HDFS-3801.patch > > > A few times we've had requests from users who wish to disable browsing of the > filesystem in the web UI completely, while keeping other servlet > functionality enabled (such as fsck, etc.). Right now, the cheap way to do > this is by blocking out the DN web port (50075) from access by clients, but > that also hampers HFTP transfers. > We should instead provide a toggle config for the JSPs to use and disallow > browsing if the toggle's enabled. The config can be true by default, to not > change the behavior. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HDFS-3801) Provide a way to disable browsing of files from the web UI
[ https://issues.apache.org/jira/browse/HDFS-3801?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13509374#comment-13509374 ] Andy Isaacson commented on HDFS-3801: - bq. There's been a general need to disable UI access With current Hadoop, without Kerberos, the only practical way to prevent unauthorized access is to firewall or otherwise prevent untrusted clients from connecting to the HTTP port of the NN and DN. Once a client app can connect to the DN+NN HTTP ports of a non-Kerberos Hadoop cluster, the client has full access to the cluster, as demonstrated by the filesystem browsing feature. As far as I can see, this patch tries to hide that security configuration problem by making it slightly less visible that the cluster is wide open. I think this is the wrong direction for us to be going, unless there's a credible plan for making such a "minimum security" mode into a real feature that covers all the bases. Such a mode could be quite useful as a less-invasive substitute for the existing Kerberos security, but it's a pretty large undertaking. (For example -- and this is just a 30 second strawman sketch -- there could be a shared secret across all the Hadoop components that is sent with every request, to "authenticate" that the request comes from someone who knows the secret.) > Provide a way to disable browsing of files from the web UI > -- > > Key: HDFS-3801 > URL: https://issues.apache.org/jira/browse/HDFS-3801 > Project: Hadoop HDFS > Issue Type: Improvement > Components: namenode >Affects Versions: 2.0.0-alpha >Reporter: Harsh J >Assignee: Harsh J >Priority: Minor > Attachments: HDFS-3801.patch > > > A few times we've had requests from users who wish to disable browsing of the > filesystem in the web UI completely, while keeping other servlet > functionality enabled (such as fsck, etc.). Right now, the cheap way to do > this is by blocking out the DN web port (50075) from access by clients, but > that also hampers HFTP transfers. > We should instead provide a toggle config for the JSPs to use and disallow > browsing if the toggle's enabled. The config can be true by default, to not > change the behavior. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HDFS-3801) Provide a way to disable browsing of files from the web UI
[ https://issues.apache.org/jira/browse/HDFS-3801?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13509073#comment-13509073 ] Harsh J commented on HDFS-3801: --- Thanks Steve and Andy! bq. What is the use case for this config option? How would a cluster be configured so that this feature would be useful? There's been a general need to disable UI access, although security plus ACLs plus permissions is the fully appropriate answer to that, this intends to be a cheaper way through (or maybe an addition). bq. If a cluster does not have Kerberos turned on, then any program that can connect to the HTTP port of DN+NN can retrieve files from HDFS. If this config option completely removes that capability, then I could see it being useful. I will upload a new patch that can disable that as well (I think I did disable browsing of data but perhaps not some other important parts). > Provide a way to disable browsing of files from the web UI > -- > > Key: HDFS-3801 > URL: https://issues.apache.org/jira/browse/HDFS-3801 > Project: Hadoop HDFS > Issue Type: Improvement > Components: namenode >Affects Versions: 2.0.0-alpha >Reporter: Harsh J >Assignee: Harsh J >Priority: Minor > Attachments: HDFS-3801.patch > > > A few times we've had requests from users who wish to disable browsing of the > filesystem in the web UI completely, while keeping other servlet > functionality enabled (such as fsck, etc.). Right now, the cheap way to do > this is by blocking out the DN web port (50075) from access by clients, but > that also hampers HFTP transfers. > We should instead provide a toggle config for the JSPs to use and disallow > browsing if the toggle's enabled. The config can be true by default, to not > change the behavior. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HDFS-3801) Provide a way to disable browsing of files from the web UI
[ https://issues.apache.org/jira/browse/HDFS-3801?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13509045#comment-13509045 ] Andy Isaacson commented on HDFS-3801: - Harsh, What is the use case for this config option? How would a cluster be configured so that this feature would be useful? On a quick read, it appears to me that this disables the simple http browsing feature, but it doesn't appear that it actually prevents a simple HTTP client from retrieving the files. If a cluster does not have Kerberos turned on, then any program that can connect to the HTTP port of DN+NN can retrieve files from HDFS. If this config option completely removes that capability, then I could see it being useful. If this config option merely obscures this important security fact (but leaves the files available to a programatic interface), then I don't think we should implement it. > Provide a way to disable browsing of files from the web UI > -- > > Key: HDFS-3801 > URL: https://issues.apache.org/jira/browse/HDFS-3801 > Project: Hadoop HDFS > Issue Type: Improvement > Components: namenode >Affects Versions: 2.0.0-alpha >Reporter: Harsh J >Assignee: Harsh J >Priority: Minor > Attachments: HDFS-3801.patch > > > A few times we've had requests from users who wish to disable browsing of the > filesystem in the web UI completely, while keeping other servlet > functionality enabled (such as fsck, etc.). Right now, the cheap way to do > this is by blocking out the DN web port (50075) from access by clients, but > that also hampers HFTP transfers. > We should instead provide a toggle config for the JSPs to use and disallow > browsing if the toggle's enabled. The config can be true by default, to not > change the behavior. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HDFS-3801) Provide a way to disable browsing of files from the web UI
[ https://issues.apache.org/jira/browse/HDFS-3801?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13508798#comment-13508798 ] Steve Loughran commented on HDFS-3801: -- Patch-wise, looks OK to me -though I'll defer the vote to suresh or someone else who knows more about filesystems > Provide a way to disable browsing of files from the web UI > -- > > Key: HDFS-3801 > URL: https://issues.apache.org/jira/browse/HDFS-3801 > Project: Hadoop HDFS > Issue Type: Improvement > Components: namenode >Affects Versions: 2.0.0-alpha >Reporter: Harsh J >Assignee: Harsh J >Priority: Minor > Attachments: HDFS-3801.patch > > > A few times we've had requests from users who wish to disable browsing of the > filesystem in the web UI completely, while keeping other servlet > functionality enabled (such as fsck, etc.). Right now, the cheap way to do > this is by blocking out the DN web port (50075) from access by clients, but > that also hampers HFTP transfers. > We should instead provide a toggle config for the JSPs to use and disallow > browsing if the toggle's enabled. The config can be true by default, to not > change the behavior. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HDFS-3801) Provide a way to disable browsing of files from the web UI
[ https://issues.apache.org/jira/browse/HDFS-3801?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13508315#comment-13508315 ] Harsh J commented on HDFS-3801: --- Any comments on the patch? It provides a toggle that disables all browsable (i.e. linked/navigable) pages and carries a simple test as well. > Provide a way to disable browsing of files from the web UI > -- > > Key: HDFS-3801 > URL: https://issues.apache.org/jira/browse/HDFS-3801 > Project: Hadoop HDFS > Issue Type: Improvement > Components: namenode >Affects Versions: 2.0.0-alpha >Reporter: Harsh J >Assignee: Harsh J >Priority: Minor > Attachments: HDFS-3801.patch > > > A few times we've had requests from users who wish to disable browsing of the > filesystem in the web UI completely, while keeping other servlet > functionality enabled (such as fsck, etc.). Right now, the cheap way to do > this is by blocking out the DN web port (50075) from access by clients, but > that also hampers HFTP transfers. > We should instead provide a toggle config for the JSPs to use and disallow > browsing if the toggle's enabled. The config can be true by default, to not > change the behavior. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HDFS-3801) Provide a way to disable browsing of files from the web UI
[ https://issues.apache.org/jira/browse/HDFS-3801?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13471362#comment-13471362 ] Hadoop QA commented on HDFS-3801: - {color:green}+1 overall{color}. Here are the results of testing the latest attachment http://issues.apache.org/jira/secure/attachment/12548179/HDFS-3801.patch against trunk revision . {color:green}+1 @author{color}. The patch does not contain any @author tags. {color:green}+1 tests included{color}. The patch appears to include 2 new or modified test files. {color:green}+1 javac{color}. The applied patch does not increase the total number of javac compiler warnings. {color:green}+1 javadoc{color}. The javadoc tool did not generate any warning messages. {color:green}+1 eclipse:eclipse{color}. The patch built with eclipse:eclipse. {color:green}+1 findbugs{color}. The patch does not introduce any new Findbugs (version 1.3.9) warnings. {color:green}+1 release audit{color}. The applied patch does not increase the total number of release audit warnings. {color:green}+1 core tests{color}. The patch passed unit tests in hadoop-hdfs-project/hadoop-hdfs. {color:green}+1 contrib tests{color}. The patch passed contrib unit tests. Test results: https://builds.apache.org/job/PreCommit-HDFS-Build/3288//testReport/ Console output: https://builds.apache.org/job/PreCommit-HDFS-Build/3288//console This message is automatically generated. > Provide a way to disable browsing of files from the web UI > -- > > Key: HDFS-3801 > URL: https://issues.apache.org/jira/browse/HDFS-3801 > Project: Hadoop HDFS > Issue Type: Improvement > Components: name-node >Affects Versions: 2.0.0-alpha >Reporter: Harsh J >Assignee: Harsh J >Priority: Minor > Attachments: HDFS-3801.patch > > > A few times we've had requests from users who wish to disable browsing of the > filesystem in the web UI completely, while keeping other servlet > functionality enabled (such as fsck, etc.). Right now, the cheap way to do > this is by blocking out the DN web port (50075) from access by clients, but > that also hampers HFTP transfers. > We should instead provide a toggle config for the JSPs to use and disallow > browsing if the toggle's enabled. The config can be true by default, to not > change the behavior. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HDFS-3801) Provide a way to disable browsing of files from the web UI
[ https://issues.apache.org/jira/browse/HDFS-3801?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13434268#comment-13434268 ] Harsh J commented on HDFS-3801: --- Thanks Steve. That should be possible to do, given that we mostly seem to call the JspHelper class methods. > Provide a way to disable browsing of files from the web UI > -- > > Key: HDFS-3801 > URL: https://issues.apache.org/jira/browse/HDFS-3801 > Project: Hadoop HDFS > Issue Type: Improvement > Components: name-node >Affects Versions: 2.0.0-alpha >Reporter: Harsh J >Priority: Minor > > A few times we've had requests from users who wish to disable browsing of the > filesystem in the web UI completely, while keeping other servlet > functionality enabled (such as fsck, etc.). Right now, the cheap way to do > this is by blocking out the DN web port (50075) from access by clients, but > that also hampers HFTP transfers. > We should instead provide a toggle config for the JSPs to use and disallow > browsing if the toggle's enabled. The config can be true by default, to not > change the behavior. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HDFS-3801) Provide a way to disable browsing of files from the web UI
[ https://issues.apache.org/jira/browse/HDFS-3801?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13434265#comment-13434265 ] Steve Loughran commented on HDFS-3801: -- There's a lot of java code in the JSPs already, which is bad practise from testing and maintenance viewpoints. extra logic should ideally go into a Java layer that the JSPs talk to > Provide a way to disable browsing of files from the web UI > -- > > Key: HDFS-3801 > URL: https://issues.apache.org/jira/browse/HDFS-3801 > Project: Hadoop HDFS > Issue Type: Improvement > Components: name-node >Affects Versions: 2.0.0-alpha >Reporter: Harsh J >Priority: Minor > > A few times we've had requests from users who wish to disable browsing of the > filesystem in the web UI completely, while keeping other servlet > functionality enabled (such as fsck, etc.). Right now, the cheap way to do > this is by blocking out the DN web port (50075) from access by clients, but > that also hampers HFTP transfers. > We should instead provide a toggle config for the JSPs to use and disallow > browsing if the toggle's enabled. The config can be true by default, to not > change the behavior. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HDFS-3801) Provide a way to disable browsing of files from the web UI
[ https://issues.apache.org/jira/browse/HDFS-3801?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13434064#comment-13434064 ] Harsh J commented on HDFS-3801: --- Suresh - The general need seems to be to prevent users external to the group that uses HDFS to read/browse files. Now this can be done by enabling the kerberos hadoop.http.authentication.type but not many users need the web file browsing facility itself, and hence it would be beneficial if this can be toggled off to prevent anyone (in or out of the group). This would also help as a toggle on non-secure installations. > Provide a way to disable browsing of files from the web UI > -- > > Key: HDFS-3801 > URL: https://issues.apache.org/jira/browse/HDFS-3801 > Project: Hadoop HDFS > Issue Type: Improvement > Components: name-node >Affects Versions: 2.0.0-alpha >Reporter: Harsh J >Priority: Minor > > A few times we've had requests from users who wish to disable browsing of the > filesystem in the web UI completely, while keeping other servlet > functionality enabled (such as fsck, etc.). Right now, the cheap way to do > this is by blocking out the DN web port (50075) from access by clients, but > that also hampers HFTP transfers. > We should instead provide a toggle config for the JSPs to use and disallow > browsing if the toggle's enabled. The config can be true by default, to not > change the behavior. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HDFS-3801) Provide a way to disable browsing of files from the web UI
[ https://issues.apache.org/jira/browse/HDFS-3801?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13433896#comment-13433896 ] Suresh Srinivas commented on HDFS-3801: --- bq. we've had requests from users who wish to disable browsing of the filesystem in the web UI completely Harsh what is the reason for this? > Provide a way to disable browsing of files from the web UI > -- > > Key: HDFS-3801 > URL: https://issues.apache.org/jira/browse/HDFS-3801 > Project: Hadoop HDFS > Issue Type: Improvement > Components: name-node >Affects Versions: 2.0.0-alpha >Reporter: Harsh J >Priority: Minor > > A few times we've had requests from users who wish to disable browsing of the > filesystem in the web UI completely, while keeping other servlet > functionality enabled (such as fsck, etc.). Right now, the cheap way to do > this is by blocking out the DN web port (50075) from access by clients, but > that also hampers HFTP transfers. > We should instead provide a toggle config for the JSPs to use and disallow > browsing if the toggle's enabled. The config can be true by default, to not > change the behavior. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira