Drill on MapR has the features you're describing: http://doc.mapr.com/display/MapR/Configuring+Web+Console+and+REST+API+Security . The differences between the open source and MapR versions are listed on http://doc.mapr.com/display/components/Drill+1.2.0+Release+Notes.
The web security feature was designed to be included in the open source version and is now be reviewed for inclusion: https://issues.apache.org/jira/browse/DRILL-3201 Kristine Hahn Sr. Technical Writer 415-497-8107 @krishahn skype:krishahn On Mon, Dec 7, 2015 at 11:16 AM, John Omernik <j...@omernik.com> wrote: > This is really odd to me. I have 1.3 (Compiled by MapR) running on my > cluster right now. I added libjpam.so to my java.library.path, and I have > ldap configured on the nodes in pam. When I hit the Web UI (via HTTPS, > HTTP is disabled) I get prompt for user name and the authentication goes > against the pam on the system, allowing me in. Only the user running the > drill bits has "admin" functions in Drill, other users only see a subset of > tabs (Query, Profiles, Metrics) (the Drillbit user has Query, profiles, > storage, metrics, and threads). > > This is also true with the RestAPI. I have to authenticate to use it at > this point. I just do forms authentication using the python requests > module. (I feel like it should accept basic auth over SSL for API good > ness, but my hack works) > > Thus, I feel like it's been secured fairly well (SSL, Authentication, Users > etc). So I do not understand why DRILL-3201 says 1.5, and while it's > stated that Web Authentication is not available yet... > > > > > > On Mon, Dec 7, 2015 at 11:13 AM, Andries Engelbrecht < > aengelbre...@maprtech.com> wrote: > > > This topic came up a while ago and there was a bit of confusion. > > > > See the discussion thread here for more info. > > > > > http://search-hadoop.com/m/qRVAXir9Do1qHni72&subj=How+to+setup+user+authentication+for+the+WebUI+ > > < > > > http://search-hadoop.com/m/qRVAXir9Do1qHni72&subj=How+to+setup+user+authentication+for+the+WebUI+ > > > > > > > Sudheesh listed the JIRA to track it. > > > > --Andries > > > > > > > > > On Dec 7, 2015, at 8:32 AM, Sudheesh Katkam <skat...@maprtech.com> > > wrote: > > > > > > Hi Niko, > > > > > > Web authentication is not available yet; DRILL-3201 < > > https://issues.apache.org/jira/browse/DRILL-3201> is being reviewed. The > > doc pages are ahead. > > > > > > Thank you, > > > Sudheesh > > > > > >> On Dec 7, 2015, at 7:06 AM, Keys Botzum <kbot...@maprtech.com> wrote: > > >> > > >> I think this answers your question (the answer is yes according to the > > docs): > > >> > > >> > > > https://drill.apache.org/docs/configuring-web-console-and-rest-api-security/ > > < > > > https://drill.apache.org/docs/configuring-web-console-and-rest-api-security/ > > > > > >> > > >> Keys > > >> _______________________________ > > >> Keys Botzum > > >> Senior Principal Technologist > > >> kbot...@maprtech.com <mailto:kbot...@maprtech.com> > > >> 443-718-0098 > > >> MapR Technologies > > >> http://www.mapr.com <http://www.mapr.com/> > > >>> On Dec 7, 2015, at 10:04 AM, Niko Arvilommi <n...@olentolife.com> > > wrote: > > >>> > > >>> Hi > > >>> > > >>> Is it possible to secure the WEB UI and REST api with password or > > similiar methods. Shared keys or something ? > > >>> It seems to be too open if it not possible > > >>> > > >>> Best Niko Arvilommi > > >> > > > > > > > >