hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sanjay Radia (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-9813) Fine-grained authorization library for HAS
Date Fri, 09 Aug 2013 20:20:48 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-9813?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13735225#comment-13735225
] 

Sanjay Radia commented on HADOOP-9813:
--------------------------------------

I don't get this one. Can you give use cases and examples of policies for authorization.
bq. Take HDFS for example, when a user is trying to access a file or a folder, name node will
call into this library and pass the resource identifier and the rights needed. 
Are you assuming that ALL hadoop resources have global resource identifiers?

                
> Fine-grained authorization library for HAS
> ------------------------------------------
>
>                 Key: HADOOP-9813
>                 URL: https://issues.apache.org/jira/browse/HADOOP-9813
>             Project: Hadoop Common
>          Issue Type: Task
>          Components: security
>    Affects Versions: 3.0.0
>            Reporter: Jerry Chen
>              Labels: Rhino
>
> This is to define and provide authorization enforcement library for Hadoop services.
It provides the utilities to load and enforce security policies through related services provided
by the Authorization Service of HAS. Hadoop components call these utilities to enforce the
authorization policies. Take HDFS for example, when a user is trying to access a file or a
folder, name node will call into this library and pass the resource identifier and the rights
needed. The scope of this is as follows:
> * Define and implement authorization policy enforcement API to be utilized by Hadoop
services to enforce authorization policies.
> * Define and implement authorization policy load and sync facilities.
> * Define and implement authorization policy evaluation engine. 

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message