https://community.cloudera.com/t5/Archives-of-Support-Questions/How-to-create-security-filter-for-Spark-UI-in-Spark-on-YARN/m-p/185727#M73348 <P>I am trying to use a java filter to protect the access to spark ui, this by using the property spark.ui.filters; the problem is that when spark is running on yarn mode, that property is being allways overriden with the filter org.apache.hadoop.yarn.server.webproxy.amfilter.AmIpFilter:<BR /><BR /><EM>spark.ui.filters: org.apache.hadoop.yarn.server.webproxy.amfilter.AmIpFilter</EM><BR /><BR />And this properties are automatically added:<BR /><BR /><EM>spark.org.apache.hadoop.yarn.server.webproxy.amfilter.AmIpFilter.param.PROXY_HOSTS: ip-x-x-x-226.eu-west-1.compute.internal<BR />spark.org.apache.hadoop.yarn.server.webproxy.amfilter.AmIpFilter.param.PROXY_URI_BASES: <A href="http://ip-x-x-x-226.eu-west-1.compute.internal:20888/proxy/application_xxxxxxxxxxxxx_xxxx">http://ip-x-x-x-226.eu-west-1.compute.internal:20888/proxy/application_xxxxxxxxxxxxx_xxxx</A></EM><BR /><BR />Any suggestion of how to add a java security filter so it does not get overriden, or maybe how to configure the security from hadoop side?</P><P>Environment:<BR />AWS EMR, yarn cluster.</P><P><BR />Thanks.</P> Thu, 11 Jan 2018 06:40:47 GMT jhonderson2007 2018-01-11T06:40:47Z https://community.cloudera.com/t5/Archives-of-Support-Questions/How-to-create-security-filter-for-Spark-UI-in-Spark-on-YARN/m-p/185727#M73348 <P>I am trying to use a java filter to protect the access to spark ui, this by using the property spark.ui.filters; the problem is that when spark is running on yarn mode, that property is being allways overriden with the filter org.apache.hadoop.yarn.server.webproxy.amfilter.AmIpFilter:<BR /><BR /><EM>spark.ui.filters: org.apache.hadoop.yarn.server.webproxy.amfilter.AmIpFilter</EM><BR /><BR />And this properties are automatically added:<BR /><BR /><EM>spark.org.apache.hadoop.yarn.server.webproxy.amfilter.AmIpFilter.param.PROXY_HOSTS: ip-x-x-x-226.eu-west-1.compute.internal<BR />spark.org.apache.hadoop.yarn.server.webproxy.amfilter.AmIpFilter.param.PROXY_URI_BASES: <A href="http://ip-x-x-x-226.eu-west-1.compute.internal:20888/proxy/application_xxxxxxxxxxxxx_xxxx">http://ip-x-x-x-226.eu-west-1.compute.internal:20888/proxy/application_xxxxxxxxxxxxx_xxxx</A></EM><BR /><BR />Any suggestion of how to add a java security filter so it does not get overriden, or maybe how to configure the security from hadoop side?</P><P>Environment:<BR />AWS EMR, yarn cluster.</P><P><BR />Thanks.</P> Thu, 11 Jan 2018 06:40:47 GMT https://community.cloudera.com/t5/Archives-of-Support-Questions/How-to-create-security-filter-for-Spark-UI-in-Spark-on-YARN/m-p/185727#M73348 jhonderson2007 2018-01-11T06:40:47Z https://community.cloudera.com/t5/Archives-of-Support-Questions/How-to-create-security-filter-for-Spark-UI-in-Spark-on-YARN/m-p/185728#M73349 <P>This is solved by using the property hadoop.http.authentication.type to specify a custom Java Handler objects that contains the authentication logic. This class only has to implement the interface org.apache.hadoop.security.authentication.server.AuthenticationHandler. See:</P><P><A href="https://hadoop.apache.org/docs/r2.7.3/hadoop-project-dist/hadoop-common/HttpAuthentication.html">https://hadoop.apache.org/docs/r2.7.3/hadoop-project-dist/hadoop-common/HttpAuthentication.html</A></P> Mon, 05 Mar 2018 22:12:35 GMT https://community.cloudera.com/t5/Archives-of-Support-Questions/How-to-create-security-filter-for-Spark-UI-in-Spark-on-YARN/m-p/185728#M73349 jhonderson2007 2018-03-05T22:12:35Z