[ https://issues.apache.org/jira/browse/YARN-6638?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16042279#comment-16042279 ]
Rohith Sharma K S commented on YARN-6638: ----------------------------------------- bq. I had thought, for reader, merely Kerberos authentication should be enough. So an authentication filter should also be enough. this would lead every HTTP request is authenticated with kerberos which will impact delay in response time. As you said, as of now we can go ahead with it, but this one would need to address it. How about reusing reusing RM timeline APIs for reader server? But one potential issue I see is reader server can be any number deployed in cluster, so RM will issue token to which reader server!? Is there any JIRA for reader server DT implementation? If no, lets raise and discuss this point over there. > [Security] Timeline reader side changes for loading auth filters and > principals > ------------------------------------------------------------------------------- > > Key: YARN-6638 > URL: https://issues.apache.org/jira/browse/YARN-6638 > Project: Hadoop YARN > Issue Type: Sub-task > Components: timelineserver > Reporter: Varun Saxena > Assignee: Varun Saxena > Attachments: YARN-6638-YARN-5355.01.patch > > -- This message was sent by Atlassian JIRA (v6.3.15#6346) --------------------------------------------------------------------- To unsubscribe, e-mail: yarn-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: yarn-issues-h...@hadoop.apache.org