hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jerry Chen (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (HADOOP-9812) Authorization service for HAS
Date Thu, 01 Aug 2013 09:13:48 GMT

     [ https://issues.apache.org/jira/browse/HADOOP-9812?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Jerry Chen updated HADOOP-9812:
-------------------------------

    Description: 
This task defines and implements Authorization Server role for HAS.  First, it provides the
service level access token based authorization for HAS.  It also provides fine-grained access
control mechanisms for Hadoop to further enforce fine-grained access control for specific
components, such as HDFS. This role along with related services can be configured into one
HAS deployment. The scope of this task is highlighted as following:
* Implement access token service defined in TokenAuth framework. The access token service
provides service level authorization and grants access token according to the identity token
and access permissions.
* Define and implement authorization policy service in HAS for Hadoop services to retrieve
and synchronize authorization policies.
* Implement and provide authorization policy management, allowing admin to create and manage
authorization policies to authorize system and resource accesses employing different authorization
models with corresponding editors and tools;
* Implement and provide authorization management facility, allowing admin to configure global
settings and manage authorization policies across the system for the domain.


  was:
This task defines and implements Authorization Server role for HAS.  First, it provides the
service level access token based authorization for HAS.  It also provides fine-grained access
control mechanisms for Hadoop to further enforce fine-grained access control for specific
components, such as HDFS. This role along with related services can be configured into one
HAS deployment. The scope of this task is highlighted as following:
  * Implement access token service defined in TokenAuth framework. The access token service
provides service level authorization and grants access token according to the identity token
and access permissions.
  * Define and implement authorization policy service in HAS for Hadoop services to retrieve
and synchronize authorization policies.
  * Implement and provide authorization policy management, allowing admin to create and
manage authorization policies to authorize system and resource accesses employing different
authorization models with corresponding editors and tools;
  * Implement and provide authorization management facility, allowing admin to configure
global settings and manage authorization policies across the system for the domain.


    
> Authorization service for HAS
> -----------------------------
>
>                 Key: HADOOP-9812
>                 URL: https://issues.apache.org/jira/browse/HADOOP-9812
>             Project: Hadoop Common
>          Issue Type: Task
>          Components: security
>            Reporter: Jerry Chen
>              Labels: Rhino
>
> This task defines and implements Authorization Server role for HAS.  First, it provides
the service level access token based authorization for HAS.  It also provides fine-grained
access control mechanisms for Hadoop to further enforce fine-grained access control for specific
components, such as HDFS. This role along with related services can be configured into one
HAS deployment. The scope of this task is highlighted as following:
> * Implement access token service defined in TokenAuth framework. The access token service
provides service level authorization and grants access token according to the identity token
and access permissions.
> * Define and implement authorization policy service in HAS for Hadoop services to retrieve
and synchronize authorization policies.
> * Implement and provide authorization policy management, allowing admin to create and
manage authorization policies to authorize system and resource accesses employing different
authorization models with corresponding editors and tools;
> * Implement and provide authorization management facility, allowing admin to configure
global settings and manage authorization policies across the system for the domain.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message