I don't know much about hadoop authentication but the code doesn't support user.name property. https://github.com/apache/hadoop/blob/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/PseudoAuthenticationHandler.java#L39
Filter provides the option of disallowing anonymous access through simple.anonymous.allowed property. Default value is false. It is only an authentication filter. That means this filter validates the identity and for which it trust the user.name you are passing. Authorization is not performed by this filter. On Wed, May 11, 2016 at 12:32 AM, Nguyen, Amy <amy.ngu...@espn.com> wrote: > > I have the following configured in my storm.yaml file: > > ui.filter: “org.apache.hadoop.security.authentication.server.AuthenticationFilter" > ui.filter.params: > "type": "simple" > "user.name": “stormtest" > > When I try to access the UI passing the parameter ?user.name=stormtest all is well. I’m granted access. > When I don’t pass the parameter ?user.name=stormtest all is well. I’m not grated access. > > However when I pass the parameter ?user.name=hello, I am granted access to the UI. I would expect the behavior if the value of the param didn’t match what was in the storm.yaml that I would be granted access to the UI. > > Has anyone else seen this issue? Did I just misconfigure something here? > > Thanks! -- Regards, Abhishek Agarwal