Discussion:
Storm UI authentication
Devendar Rao
2018-10-18 00:02:14 UTC
Permalink
Hi,

I would like to add authentication to storm UI. Are there are docs/examples
on how to add authentication to the storm UI? I found this page,
https://github.com/apache/storm/blob/master/SECURITY.md#uilogviewer. Can
storm support this natively? Are there any examples of this?

Thanks
Bobby Evans
2018-10-18 14:09:00 UTC
Permalink
https://storm.apache.org/releases/2.0.0-SNAPSHOT/SECURITY.html

explains some of it, but not well enough in my opinion.

Storm's UI Authentication is based mostly around Java Servlet Filters
controlled by ui.filter and ui.filter.params configs and also
https://github.com/apache/storm/blob/master/storm-server/src/main/java/org/apache/storm/security/auth/IHttpCredentialsPlugin.java
which is controlled by the ui.http.creds.plugin and drpc.http.creds.plugin
configs.

If your auth filter changes the ServletRequest so that
getUserPrincipal or getRemoteUser
returns the name of the unix user that authenticated, then you don't need
to worry about changing the IHttpCredentialsPlugin from the default. If
the auth is placed in some other location/way then you may need to override
the default http creds plugin to populate the principal/name into the
proper location for the request, but this is a bit more of an advanced
change you would have to make.

I'll try to put up a pull request to clarify the documentation more.

Thanks,

Bobby
Post by Devendar Rao
Hi,
I would like to add authentication to storm UI. Are there are
docs/examples on how to add authentication to the storm UI? I found this
page, https://github.com/apache/storm/blob/master/SECURITY.md#uilogviewer.
Can storm support this natively? Are there any examples of this?
Thanks
Loading...