[
https://issues.apache.org/jira/browse/SLIDER-693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14280775#comment-14280775
]
Jonathan Maron commented on SLIDER-693:
---------------------------------------
May go with following approach:
1) Handler SPNEGO processing at RM
2) Establish trust with shared secret between RM and AM
In that way the RM takes care of the secure processing, and the AM focuses on
leveraging the passed in doAs identity for its processing (doAs identity
manifests as cookie at the AM)
> Need to enable support for spnego/kerberos for AM Rest resources
> ----------------------------------------------------------------
>
> Key: SLIDER-693
> URL: https://issues.apache.org/jira/browse/SLIDER-693
> Project: Slider
> Issue Type: Sub-task
> Components: appmaster, security
> Reporter: Jonathan Maron
> Assignee: Jonathan Maron
> Fix For: Slider 0.70
>
>
> Need to add the spnego support API calls to the AM WebApp to enable the
> kerberos configuration for the AM exposed REST endpoint (Not agent facing
> server). This is required to support trust proxy configuration for knox
> integration.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
