hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kai Zheng (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (HADOOP-11766) Generic token authentication support for Hadoop
Date Sat, 28 Mar 2015 03:45:53 GMT

     [ https://issues.apache.org/jira/browse/HADOOP-11766?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel

Kai Zheng updated HADOOP-11766:
    Assignee:     (was: Kai Zheng)

> Generic token authentication support for Hadoop
> -----------------------------------------------
>                 Key: HADOOP-11766
>                 URL: https://issues.apache.org/jira/browse/HADOOP-11766
>             Project: Hadoop Common
>          Issue Type: New Feature
>          Components: security
>            Reporter: Kai Zheng
> As a major goal of Rhino project, we proposed *TokenAuth* effort in HADOOP-9392, where
it's to provide a common token authentication framework to integrate multiple authentication
mechanisms, by adding a new {{AuthenticationMethod}} in lieu of {{KERBEROS}} and {{SIMPLE}}.
To minimize the required changes and risk, we thought of another approach to achieve the general
goals based on Kerberos as Kerberos itself supports a pre-authentication framework in both
spec and implementation, which was discussed in HADOOP-10959 as *TokenPreauth*. In both approaches,
we had performed workable prototypes covering both command line console and Hadoop web UI.

> As HADOOP-9392 is rather lengthy and heavy, HADOOP-10959 is mostly focused on the concrete
implementation approach based on Kerberos, we open this for more general and updated discussions
about requirement, use cases, and concerns for the generic token authentication support for
Hadoop. We distinguish this token from existing Hadoop tokens as the token in this discussion
is majorly for the initial and primary authentication. We will refine our existing codes in
HADOOP-9392 and HADOOP-10959, break them down into smaller patches based on latest trunk.

This message was sent by Atlassian JIRA

View raw message