[ https://issues.apache.org/jira/browse/YARN-7882?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Shilun Fan updated YARN-7882: ----------------------------- Target Version/s: 3.5.0 (was: 3.4.0) > Server side proxy for UI2 log viewer > ------------------------------------ > > Key: YARN-7882 > URL: https://issues.apache.org/jira/browse/YARN-7882 > Project: Hadoop YARN > Issue Type: Bug > Components: security, timelineserver, yarn-ui-v2 > Affects Versions: 3.0.0 > Reporter: Eric Yang > Priority: Major > > When viewing container logs in UI2, the log files are directly fetched > through timeline server 2. Hadoop in simple security mode does not have > authenticator to make sure the user is authorized to view the log. The > general practice is to use knox or other security proxy to authenticate the > user and reserve proxy the request to Hadoop UI to ensure the information > does not leak through anonymous user. The current implementation of UI2 log > viewer uses ajax code to timeline server 2. This could prevent knox or > reverse proxy software from working properly with the new design. It would > be good to perform server side proxy to prevent browser from side step the > authentication check. -- This message was sent by Atlassian Jira (v8.20.10#820010) --------------------------------------------------------------------- To unsubscribe, e-mail: yarn-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: yarn-issues-h...@hadoop.apache.org