> Hi Gabor, welcome to the Flink community!
>
> Thanks for sharing this proposal with the community Márton. In general, I
> agree that authentication is missing and that this is required for using
> Flink within an enterprise. The thing I am wondering is whether this
> feature strictly needs to be implemented inside of Flink or whether a proxy
> setup could do the job? Have you considered this option? If yes, then it
> would be good to list it under the point of rejected alternatives.
>
> I do see the benefit of implementing this feature inside of Flink if many
> users need it. If not, then it might be easier for the project to not
> increase the surface area since it makes the overall maintenance harder.
>
> Cheers,
> Till
>
> On Mon, May 31, 2021 at 4:57 PM Márton Balassi <[hidden email]> wrote:
>
>> Hi team,
>>
>> Firstly I would like to introduce Gabor or G [1] for short to the
>> community, he is a Spark committer who has recently transitioned to the
>> Flink Engineering team at Cloudera and is looking forward to contributing
>> to Apache Flink. Previously G primarily focused on Spark Streaming and
>> security.
>>
>> Based on requests from our customers G has implemented Kerberos and HTTP
>> Basic Authentication for the Flink Dashboard and HistoryServer. Previously
>> lacked an authentication story.
>>
>> We are looking to contribute this functionality back to the community, we
>> believe that given Flink's maturity there should be a common code solution
>> for this general pattern.
>>
>> We are looking forward to your feedback on G's design. [2]
>>
>> [1] http://gaborsomogyi.com/
>> [2]
>>
>> https://docs.google.com/document/d/1NMPeJ9H0G49TGy3AzTVVJVKmYC0okwOtqLTSPnGqzHw/edit
>>