I am running a pseudo-distributed Hadoop system. When I put some data to HDFS using a REST API without setting user.name in a POST request, a default user, dr.who, is used.
The documentation says: "If the user.name parameter is not set, the server may either set the authenticated user to a default web user, if there is any, or return an error response."
How can I force the service to return an error response instead of using the default user? I am quite afraid that everybody can put whatever he wants as a default user.
You need to Kerberize HDFS in order to support strong authentication in order to support authorization for the WebHDFS interface. Without strong authentication, there is a threat vector associated with spoofing WebHDFS; see this paper.
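One way to check whether a cluster still trusts the caller-supplied user.name is to audit core-site.xml and hdfs-site.xml for the Kerberos settings. This is an added example, not part of the original answer; the sample configurations, realm and keytab path are constructed placeholders.

```python
import xml.etree.ElementTree as ET

# Constructed sample configs (not from the original post).
WEAK_CORE = """<configuration>
  <property><name>fs.defaultFS</name><value>hdfs://localhost:9000</value></property>
</configuration>"""

HARDENED_CORE = """<configuration>
  <property><name>hadoop.security.authentication</name><value>kerberos</value></property>
  <property><name>hadoop.security.authorization</name><value>true</value></property>
</configuration>"""

HARDENED_HDFS = """<configuration>
  <property><name>dfs.web.authentication.kerberos.principal</name><value>HTTP/_HOST@EXAMPLE.COM</value></property>
  <property><name>dfs.web.authentication.kerberos.keytab</name><value>/etc/security/keytabs/spnego.keytab</value></property>
</configuration>"""

def load_props(xml_text):
    """Parse a Hadoop *-site.xml document into a {name: value} dict."""
    props = {}
    for prop in ET.fromstring(xml_text).iter("property"):
        name = (prop.findtext("name") or "").strip()
        if name:
            props[name] = (prop.findtext("value") or "").strip()
    return props

def audit_webhdfs_auth(core_xml, hdfs_xml="<configuration/>"):
    """Return a list of findings; an empty list means WebHDFS requires Kerberos."""
    core, hdfs = load_props(core_xml), load_props(hdfs_xml)
    findings = []
    # Hadoop's default is "simple": the caller's user.name is trusted as-is.
    auth = core.get("hadoop.security.authentication", "simple").lower()
    if auth != "kerberos":
        findings.append(f"hadoop.security.authentication={auth}: user.name is unauthenticated")
    # Service-level authorization is off unless explicitly enabled.
    if core.get("hadoop.security.authorization", "false").lower() != "true":
        findings.append("hadoop.security.authorization is not true")
    for key in ("dfs.web.authentication.kerberos.principal",
                "dfs.web.authentication.kerberos.keytab"):
        if not hdfs.get(key):
            findings.append(f"{key} is not set (needed for SPNEGO on WebHDFS)")
    return findings

if __name__ == "__main__":
    for label, args in (("weak", (WEAK_CORE,)), ("hardened", (HARDENED_CORE, HARDENED_HDFS))):
        print(label, audit_webhdfs_auth(*args) or "OK")
```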