Re: spark ui security
According to https://spark.apache.org/docs/latest/security.html#web-ui , web UI is covered. FYI On Thu, Jan 7, 2016 at 6:35 AM, Kostiantyn Kudriavtsev < kudryavtsev.konstan...@gmail.com> wrote: > hi community, > > do I understand correctly that spark.ui.filters property sets up filters > only for jobui interface? is it any way to protect spark web ui in the same > *way?* >
Re: spark ui security
can I do it without kerberos and hadoop? ideally using filters as for job UI On Jan 7, 2016, at 1:22 PM, Prem Surewrote: > you can refer more on https://searchcode.com/codesearch/view/97658783/ > https://github.com/apache/spark/blob/master/core/src/main/scala/org/apache/spark/SecurityManager.scala > > spark.authenticate = true > spark.ui.acls.enable = true > spark.ui.view.acls = user1,user2 > spark.ui.filters = > org.apache.hadoop.security.authentication.server.AuthenticationFilter > spark.org.apache.hadoop.security.authentication.server.AuthenticationFilter.params="type=kerberos,kerberos.principal=HTTP/mybox@MYDOMAIN,kerberos.keytab=/some/keytab" > > > > > On Thu, Jan 7, 2016 at 10:35 AM, Kostiantyn Kudriavtsev > wrote: > I’m afraid I missed where this property must be specified? I added it to > spark-xxx.conf which is basically configurable per job, so I assume to > protect WebUI the different place must be used, isn’t it? > > On Jan 7, 2016, at 10:28 AM, Ted Yu wrote: > >> According to https://spark.apache.org/docs/latest/security.html#web-ui , web >> UI is covered. >> >> FYI >> >> On Thu, Jan 7, 2016 at 6:35 AM, Kostiantyn Kudriavtsev >> wrote: >> hi community, >> >> do I understand correctly that spark.ui.filters property sets up filters >> only for jobui interface? is it any way to protect spark web ui in the same >> way? >> > >
Re: spark ui security
Without kerberos you don't have true security. Cheers On Thu, Jan 7, 2016 at 1:56 PM, Kostiantyn Kudriavtsev < kudryavtsev.konstan...@gmail.com> wrote: > can I do it without kerberos and hadoop? > ideally using filters as for job UI > > On Jan 7, 2016, at 1:22 PM, Prem Surewrote: > > you can refer more on https://searchcode.com/codesearch/view/97658783/ > > https://github.com/apache/spark/blob/master/core/src/main/scala/org/apache/spark/SecurityManager.scala > > spark.authenticate = true > spark.ui.acls.enable = true > spark.ui.view.acls = user1,user2 > spark.ui.filters = > org.apache.hadoop.security.authentication.server.AuthenticationFilter > > spark.org.apache.hadoop.security.authentication.server.AuthenticationFilter.params="type=kerberos,kerberos.principal=HTTP/mybox@MYDOMAIN > ,kerberos.keytab=/some/keytab" > > > > > On Thu, Jan 7, 2016 at 10:35 AM, Kostiantyn Kudriavtsev < > kudryavtsev.konstan...@gmail.com> wrote: > >> I’m afraid I missed where this property must be specified? I added it to >> spark-xxx.conf which is basically configurable per job, so I assume to >> protect WebUI the different place must be used, isn’t it? >> >> On Jan 7, 2016, at 10:28 AM, Ted Yu wrote: >> >> According to https://spark.apache.org/docs/latest/security.html#web-ui , >> web UI is covered. >> >> FYI >> >> On Thu, Jan 7, 2016 at 6:35 AM, Kostiantyn Kudriavtsev < >> kudryavtsev.konstan...@gmail.com> wrote: >> >>> hi community, >>> >>> do I understand correctly that spark.ui.filters property sets up >>> filters only for jobui interface? is it any way to protect spark web ui in >>> the same *way?* >>> >> >> >> > >
Re: spark ui security
I know, but I need only to hide/protect web ui at least with servlet/filter api On Jan 7, 2016, at 4:59 PM, Ted Yuwrote: > Without kerberos you don't have true security. > > Cheers > > On Thu, Jan 7, 2016 at 1:56 PM, Kostiantyn Kudriavtsev > wrote: > can I do it without kerberos and hadoop? > ideally using filters as for job UI > > On Jan 7, 2016, at 1:22 PM, Prem Sure wrote: > >> you can refer more on https://searchcode.com/codesearch/view/97658783/ >> https://github.com/apache/spark/blob/master/core/src/main/scala/org/apache/spark/SecurityManager.scala >> >> spark.authenticate = true >> spark.ui.acls.enable = true >> spark.ui.view.acls = user1,user2 >> spark.ui.filters = >> org.apache.hadoop.security.authentication.server.AuthenticationFilter >> spark.org.apache.hadoop.security.authentication.server.AuthenticationFilter.params="type=kerberos,kerberos.principal=HTTP/mybox@MYDOMAIN,kerberos.keytab=/some/keytab" >> >> >> >> >> On Thu, Jan 7, 2016 at 10:35 AM, Kostiantyn Kudriavtsev >> wrote: >> I’m afraid I missed where this property must be specified? I added it to >> spark-xxx.conf which is basically configurable per job, so I assume to >> protect WebUI the different place must be used, isn’t it? >> >> On Jan 7, 2016, at 10:28 AM, Ted Yu wrote: >> >>> According to https://spark.apache.org/docs/latest/security.html#web-ui , >>> web UI is covered. >>> >>> FYI >>> >>> On Thu, Jan 7, 2016 at 6:35 AM, Kostiantyn Kudriavtsev >>> wrote: >>> hi community, >>> >>> do I understand correctly that spark.ui.filters property sets up filters >>> only for jobui interface? is it any way to protect spark web ui in the same >>> way? >>> >> >> > >