Authenticating to any Apache Spark web UI with LDAP

12/14/2020

I am looking for a way to introduce LDAP authentication to my Apache Spark Web UIs. This includes both the main Spark Web UI and the Spark history server. The Spark instances are running inside a Kubernetes cluster and are launched both via the Spark Operator and in Standalone mode.

In the official documentation, it says the following:

"Enabling authentication for the Web UIs is done using javax servlet filters. You will need a filter that implements the authentication method you want to deploy. Spark does not provide any built-in authentication filters."

When searching online, I cannot find any such filters which will enable authentication through LDAP.

My questions are:

  1. Are there any such filters implemented that are open source and freely available?
  2. Is there another solution to my problem which will enable this feature?
-- toerq
apache-spark
java
kubernetes
ldap

1 Answer

12/16/2020
  1. Add a Java Servlet filter. I didn't find a publicly available LDAP filter; however, here is a PAM filter we can use: https://github.com/marccarre/pam-servlet-filter. Now we can configure PAM to use SSSD, which uses LDAP.

Hint: Use the thin client and use libpam4j-1.11.jar (not the officially referenced version (1.9), since I could not get it to work with 1.9) and jna-4.3.0.jar. This was a working setup for me. Add all 3 of these jars to SPARK_DIR/jars/

  2. On all Spark nodes, execute:

     yum install sssd authconfig -y
     authconfig --update --enablesssd --enablesssdauth

  3. Add / edit /etc/sssd/sssd.conf. Google how to configure this file. Basically, here you can configure variables like ldap_uri, ldap_search_base and ldap_access_filter.

  4. Add the following variables to spark-defaults.conf:

     spark.ui.filters                    com.carmatechnologies.servlet.PamAuthFilter
     spark.com.carmatechnologies.servlet.PamAuthFilter.param.realm spark
     spark.com.carmatechnologies.servlet.PamAuthFilter.param.service system-auth

  5. Start sssd:

     sssd -i -d 3

  6. Start the Spark UIs.

Authentication should work now.

-- Natan
Source: StackOverflow
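
The answer leaves the contents of /etc/sssd/sssd.conf to the reader. As an added example (not part of the original answer, and not SSSD or Spark project code), the shell functions below lint the options it names for the settings that decide who can log in to the Spark UI and whether the directory's certificate is verified. The function names, the domain name `example`, the host and the DNs are all hypothetical.

```shell
# Added example: lint the [domain/...] section of an sssd.conf used behind the
# Spark UI PAM filter. Function names and all sample values are constructed.

# Print KEY's value from the first [domain/...] section that sets it.
sssd_get() {  # usage: sssd_get FILE KEY
  awk -v key="$2" '
    /^[ \t]*\[/ { dom = ($0 ~ /^[ \t]*\[domain\//); next }
    !dom || /^[ \t]*[#;]/ || !index($0, "=") { next }
    { k = substr($0, 1, index($0, "=") - 1); gsub(/[ \t]/, "", k)
      if (k == key) { v = substr($0, index($0, "=") + 1)
                      gsub(/^[ \t]+|[ \t]+$/, "", v); print v; exit } }' "$1"
}

# Print one line per finding; the exit status is the number of findings.
check_sssd_conf() (
  f=$1; n=0
  finding() { echo "FINDING: $*"; n=$((n + 1)); }
  # Anything weaker than demand/hard lets the bind that carries the user's
  # password be intercepted. Unset is fine: SSSD's default (hard) verifies.
  case "$(sssd_get "$f" ldap_tls_reqcert)" in
    never|allow|try) finding "ldap_tls_reqcert does not enforce verification" ;;
  esac
  # With ldap://, ask for StartTLS on lookups explicitly, not via a default.
  case "$(sssd_get "$f" ldap_uri)" in
    "") finding "ldap_uri is not set" ;;
    *ldap://*) [ "$(sssd_get "$f" ldap_id_use_start_tls | tr A-Z a-z)" = true ] ||
                 finding "ldap:// without ldap_id_use_start_tls = true" ;;
  esac
  # ldap_access_filter is only evaluated when access_provider = ldap; the
  # default provider (permit) admits every user who can authenticate.
  if [ "$(sssd_get "$f" access_provider)" != ldap ]; then
    finding "access_provider is not ldap, so ldap_access_filter is ignored"
  elif [ -z "$(sssd_get "$f" ldap_access_filter)" ]; then
    finding "access_provider = ldap but ldap_access_filter is empty"
  fi
  exit "$n"
)

# Write a constructed sample config (hypothetical host and DNs) to FILE.
write_sample_conf() {
  cat > "$1" <<'EOF'
[domain/example]
access_provider = ldap
ldap_uri = ldaps://ldap.example.com
ldap_search_base = dc=example,dc=com
ldap_access_filter = (memberOf=cn=spark-ui,ou=groups,dc=example,dc=com)
ldap_tls_reqcert = demand
EOF
}
```

On a node, run it as `check_sssd_conf /etc/sssd/sssd.conf`; a non-zero exit status is the number of findings.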