[jira] [Created] (ZEPPELIN-4315) Spark Job URLs are http even though zeppelin and spark are configured with https

Thu, 29 Aug 2019 05:07:23 -0700 

Tony created ZEPPELIN-4315:
------------------------------

             Summary: Spark Job URLs are http even though zeppelin and spark 
are configured with https
                 Key: ZEPPELIN-4315
                 URL: https://issues.apache.org/jira/browse/ZEPPELIN-4315
             Project: Zeppelin
          Issue Type: Bug
    Affects Versions: 0.8.1
            Reporter: Tony


Currently I have zeppelin and spark configured to run on https. My notebook 
urls look like

[https://notebook.example.com:8443/]

and my spark UI runs at

[https://notebook.example.com:4440/.|https://notebook.example.com:4440/]

If I go to the http version of the spark ui I am redirected to the https 
version. For example

[http://notebook.example.com:4040/]

will redirect to

[https://notebook.example.com:4440/.|https://notebook.example.com:4440/]

My problem is that when viewing a zeppelin notebook all the "SPARK JOB" URLs 
are http and not https. You would think this wouldn't be a problem because 
SPARK JOB url

[http://notebook.example.com:4040/jobs/job?id=0]

will just redirect to

[https://notebook.example.com:4440/jobs/job?id=0.]

This redirect works fine when using curl or entering it directly into the 
address bar. But when the SPARK JOB URL is clicked inside of zeppelin it does 
not redirect to the https:8443 url. Because my zeppelin is configured with 
https it sends the Strict-Transport-Security HTTP header and Firefox changes 
the protocol and sends the user to

[https://notebook.example.com:4040/jobs/job?id=0]

instead of

[https://notebook.example.com:4440/jobs/job?id=0.]

4040 is the http port so this fails.

Can Zeppelin build the spark UI URLs using https instead of relying on a 
redirect from the spark UI?

My zeppelin-site.xml file has the zeppelin.server.strict.transport section 
commented out but I the Strict-Transport-Security HTTP header is sent by 
default when SSL is configured.

Setting the max-age=0 works around the issue but the correct path would be to 
build the Spark UI urls with https so we can use Strict-Transport-Security.

Is it possible to have Zeppelin build the spark UI URLs with https?

Maybe I am missing a configuration option? Thanks in advance for any pointers 
or fixes!

Tony

 

copied from 
[https://lists.apache.org/thread.html/15f662b8010884c84f1ac10e9da06aca4d30f8d367f52f0838d0ebd2@%3Cusers.zeppelin.apache.org%3E]

 



--
This message was sent by Atlassian Jira
(v8.3.2#803003)

Reply via email to