可以配置开启SSL认证的,只不过开启之后登陆会很复杂,所以为了方便登陆,推荐用nginx做一层代理,这样可以将认证方式替换为http basic authentication等。然后nginx和flink之间仍然采用SSL双向认证即可。
如果不介意浏览器本身登陆复杂,可以直接开启SSL双向认证,但是需要浏览器安装本地client证书。 Mabin <mabin2...@163.com> 于2021年11月26日周五 上午10:25写道: > flink web UI无认证登陆问题是怎样解决的呢? > > 官网上写的是:Simple mutual authentication may be enabled by configuration if > authentication of connections to the REST endpoint is required, but we > recommend to deploy a “side car proxy”: Bind the REST endpoint to the > loopback interface (or the pod-local interface in Kubernetes) and start a > REST proxy that authenticates and forwards the requests to Flink. Examples > for proxies that Flink users have deployed are Envoy Proxy or NGINX with > MOD_AUTH. > > 发自我的iPhone > >
