[
https://issues.apache.org/jira/browse/FLINK-21108?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17273212#comment-17273212
]
Xiaoguang Sun edited comment on FLINK-21108 at 1/28/21, 12:24 AM:
------------------------------------------------------------------
Cluster IP can still be accessed by anybody running within the cluster. We can
use SSL authentication for ingress at this time, this seems to be the only way
to make sure only ingress can access Flink console.
So how about rest client side authentication, it has to be done to make sure
validated users can submit job to Flink.
was (Author: xexplorer):
Cluster IP can be accessed by anybody running within the cluster. We can use
SSL authentication for ingress at this time, this seems to be the only way to
make sure only ingress can access Flink console.
So how about rest client side authentication, it has to be done to make sure
validated users can submit job to Flink.
> Flink runtime rest server and history server webmonitor do not require
> authentication.
> --------------------------------------------------------------------------------------
>
> Key: FLINK-21108
> URL: https://issues.apache.org/jira/browse/FLINK-21108
> Project: Flink
> Issue Type: New Feature
> Components: Runtime / REST, Runtime / Web Frontend
> Reporter: Xiaoguang Sun
> Priority: Major
> Labels: pull-request-available
>
> Flink runtime rest server and history server webmonitor do not require
> authentication. At certain scenarios, prohibiting unauthorized access is
> desired. Http basic authentication can be used here.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
