[GitHub] [hbase] joshelser commented on a change in pull request #936: HBASE-17115 Define UI admins via an ACL
joshelser commented on a change in pull request #936: HBASE-17115 Define UI
admins via an ACL
URL: https://github.com/apache/hbase/pull/936#discussion_r370885196
##
File path:
hbase-http/src/main/java/org/apache/hadoop/hbase/http/HttpServer.java
##
@@ -712,23 +723,24 @@ private void setContextAttributes(ServletContextHandler
context, Configuration c
* Add default servlets.
*/
protected void addDefaultServlets(ContextHandlerCollection contexts) throws
IOException {
+
// set up default servlets
-addServlet("stacks", "/stacks", StackServlet.class);
-addServlet("logLevel", "/logLevel", LogLevel.Servlet.class);
+addPrivilegedServlet("stacks", "/stacks", StackServlet.class);
+addPrivilegedServlet("logLevel", "/logLevel", LogLevel.Servlet.class);
// Hadoop3 has moved completely to metrics2, and dropped support for
Metrics v1's
// MetricsServlet (see HADOOP-12504). We'll using reflection to load if
against hadoop2.
// Remove when we drop support for hbase on hadoop2.x.
try {
- Class clz = Class.forName("org.apache.hadoop.metrics.MetricsServlet");
- addServlet("metrics", "/metrics", clz);
+ Class clz = Class.forName("org.apache.hadoop.metrics.MetricsServlet");
+ addPrivilegedServlet("metrics", "/metrics",
clz.asSubclass(HttpServlet.class));
} catch (Exception e) {
// do nothing
}
-addServlet("jmx", "/jmx", JMXJsonServlet.class);
-addServlet("conf", "/conf", ConfServlet.class);
+addPrivilegedServlet("jmx", "/jmx", JMXJsonServlet.class);
+addUnprivilegedServlet("conf", "/conf", ConfServlet.class);
Review comment:
> host/ports/usernames applies to conf
There's a difference between well-known daemons (what should be in conf/)
and HBase clients. We shouldn't be advertising to the world who is talking to
HBase.
> in a "properly" secured system they'd all be behind Hadoop Credential
Providers right?
I agree with Busbey here -- I don't think there's a case where we should
expect to have unprotected secrets in the configuration. However, I will
concede that folks may do this anyways. I'll add a default-false option to
protect the conf endpoint, just in case.
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
[GitHub] [hbase] joshelser commented on a change in pull request #936: HBASE-17115 Define UI admins via an ACL
joshelser commented on a change in pull request #936: HBASE-17115 Define UI
admins via an ACL
URL: https://github.com/apache/hbase/pull/936#discussion_r370841975
##
File path:
hbase-http/src/main/java/org/apache/hadoop/hbase/http/HttpServer.java
##
@@ -712,23 +723,24 @@ private void setContextAttributes(ServletContextHandler
context, Configuration c
* Add default servlets.
*/
protected void addDefaultServlets(ContextHandlerCollection contexts) throws
IOException {
+
// set up default servlets
-addServlet("stacks", "/stacks", StackServlet.class);
-addServlet("logLevel", "/logLevel", LogLevel.Servlet.class);
+addPrivilegedServlet("stacks", "/stacks", StackServlet.class);
+addPrivilegedServlet("logLevel", "/logLevel", LogLevel.Servlet.class);
// Hadoop3 has moved completely to metrics2, and dropped support for
Metrics v1's
// MetricsServlet (see HADOOP-12504). We'll using reflection to load if
against hadoop2.
// Remove when we drop support for hbase on hadoop2.x.
try {
- Class clz = Class.forName("org.apache.hadoop.metrics.MetricsServlet");
- addServlet("metrics", "/metrics", clz);
+ Class clz = Class.forName("org.apache.hadoop.metrics.MetricsServlet");
+ addUnprivilegedServlet("metrics", "/metrics",
clz.asSubclass(HttpServlet.class));
Review comment:
Funny. It looks like this is an empty endpoint on Hadoop2. I didn't know we
exposed this, but I'll mark it as privileged nonetheless :)
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
[GitHub] [hbase] joshelser commented on a change in pull request #936: HBASE-17115 Define UI admins via an ACL
joshelser commented on a change in pull request #936: HBASE-17115 Define UI
admins via an ACL
URL: https://github.com/apache/hbase/pull/936#discussion_r370818099
##
File path:
hbase-http/src/main/java/org/apache/hadoop/hbase/http/HttpServer.java
##
@@ -691,7 +703,6 @@ protected void addDefaultApps(ContextHandlerCollection
parent,
}
logContext.setDisplayName("logs");
setContextAttributes(logContext, conf);
- addNoCacheFilter(webAppContext);
Review comment:
We already do it globally on the WebAppContext. This just re-added the same
filter.
https://github.com/apache/hbase/blob/978546b2f247b29dd63bad55b17fdc2e7a31e55d/hbase-http/src/main/java/org/apache/hadoop/hbase/http/HttpServer.java#L642
Meant to leave a comment stating that but forgot.
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
[GitHub] [hbase] joshelser commented on a change in pull request #936: HBASE-17115 Define UI admins via an ACL
joshelser commented on a change in pull request #936: HBASE-17115 Define UI admins via an ACL URL: https://github.com/apache/hbase/pull/936#discussion_r368071622 ## File path: hbase-http/src/main/java/org/apache/hadoop/hbase/http/HttpServer.java ## @@ -770,30 +777,28 @@ public void addJerseyResourcePackage(final String packageName, } /** - * Add a servlet in the server. + * Adds a servlet in the server that any user can access. * @param name The name of the servlet (can be passed as null) * @param pathSpec The path spec for the servlet * @param clazz The servlet class */ - public void addServlet(String name, String pathSpec, + public void addUnprivilegedServlet(String name, String pathSpec, Review comment: > Adds a servlet in the server that any user can access. I expanded this to the Javadoc already, but I suppose I can expand some more. This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services
[GitHub] [hbase] joshelser commented on a change in pull request #936: HBASE-17115 Define UI admins via an ACL
joshelser commented on a change in pull request #936: HBASE-17115 Define UI admins via an ACL URL: https://github.com/apache/hbase/pull/936#discussion_r368068359 ## File path: hbase-http/src/main/java/org/apache/hadoop/hbase/http/HttpServer.java ## @@ -131,6 +131,10 @@ "signature.secret.file"; public static final String HTTP_AUTHENTICATION_SIGNATURE_SECRET_FILE_KEY = HTTP_AUTHENTICATION_PREFIX + HTTP_AUTHENTICATION_SIGNATURE_SECRET_FILE_SUFFIX; + public static final String HTTP_SPNEGO_AUTHENTICATION_ADMIN_USERS_KEY = + HTTP_SPNEGO_AUTHENTICATION_PREFIX + "admin.users"; Review comment: Yes, likely. This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services
