Support Questions

Find answers, ask questions, and share your expertise

Securing the deployed application

avatar

Dear All,

I hope you are doing well.

I would like your help in understand how I can secure the deployed application.

  • Public Applications

    By default, authentication for applications is enforced on all ports and users cannot create public applications. If desired, the Admin user can allow users to create public applications that can be accessed by unauthenticated users.

    To allow users to create public applications on an Cloudera AI Workbench:
    1. As an Admin user, turn on the feature flag in Admin > Security by selecting Allow applications to be configured with unauthenticated access.
    2. When creating a new application, select Enable Unauthenticated Access.
    3. For an existing application, in Settings select Enable Unauthenticated Access.

    To prevent all users from creating public applications, go to Admin > Security and deselect Allow applications to be configured with unauthenticated access. All existing public applications will immediately stop being publicly accessible.

  • Transparent Authentication

    Cloudera AI can pass user authentication information to an application, if the application expects an authenticated request. The REMOTE-USER and REMOTE-USER-PERM HTTP headers will be injected to the application hosted by the user.

    For example:
    Remote-user=<username> 
    Remote-user-perm=<RO/RW/Unauthorized>

    How can I implement and integrate the Transparent Authentication in the deployed application script?

     

    Best wishes,

    Salim  

0 REPLIES 0