sentry-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Xiaomeng Huang (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (SENTRY-498) Sentry authorization V2 via Hive authorization framework
Date Tue, 21 Oct 2014 08:08:33 GMT

     [ https://issues.apache.org/jira/browse/SENTRY-498?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Xiaomeng Huang updated SENTRY-498:
----------------------------------
    Description: 
Currently Sentry grant/revoke privileges via hook DDLTask, and do authorization via SemanticAnalyzerHook.
Now hive has a pluggable authorization framework via exposing some interfaces HiveAccessController
and HiveAuthorizationValidator. HiveAccessController is used to grant/revoke roles and privileges.
HiveAuthorizationValidator is used to do fine-grained authorization. 
Sentry should use this framework to grant/revoke privileges and do authorization,
* This framework is very convenient to use by external authorization system. Using this framework
will be better accepted by community.

  was:
Currently Sentry grant/revoke privileges via hook DDLTask, and do authorization via SemanticAnalyzerHook.
Now hive has a pluggable authorization framework via exposing some interfaces HiveAccessController
and HiveAuthorizationValidator. HiveAccessController is used to grant/revoke roles and privileges.
HiveAuthorizationValidator is used to do fine-grained authorization. This framework is very
convenient to use by external authorization system.
Sentry should use this framework to grant/revoke privileges and do authorization,
*


> Sentry authorization V2 via Hive authorization framework
> --------------------------------------------------------
>
>                 Key: SENTRY-498
>                 URL: https://issues.apache.org/jira/browse/SENTRY-498
>             Project: Sentry
>          Issue Type: New Feature
>            Reporter: Xiaomeng Huang
>            Assignee: Xiaomeng Huang
>
> Currently Sentry grant/revoke privileges via hook DDLTask, and do authorization via SemanticAnalyzerHook.
Now hive has a pluggable authorization framework via exposing some interfaces HiveAccessController
and HiveAuthorizationValidator. HiveAccessController is used to grant/revoke roles and privileges.
HiveAuthorizationValidator is used to do fine-grained authorization. 
> Sentry should use this framework to grant/revoke privileges and do authorization,
> * This framework is very convenient to use by external authorization system. Using this
framework will be better accepted by community.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message