sentry-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dapeng Sun (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (SENTRY-503) Add authentication support to SentryWebserver
Date Wed, 03 Dec 2014 12:51:13 GMT

    [ https://issues.apache.org/jira/browse/SENTRY-503?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14232962#comment-14232962
] 

Dapeng Sun commented on SENTRY-503:
-----------------------------------

{quote}
Think that AuthenticationFilter implements a lot of what we want and would be a good place
to start adding this functionality. I have never personally used it though and it would be
interesting to see what other projects are doing for their webserver authentication. I also
think Sravya may have started scoping this out so it would be good to check with her to see
if she has any ideas and to ensure we don't have two people working on the same thing .
{quote}
Thank [~lskuff] for your comments.
Regarding the authentication of web server, I investigated it in OOZIE. It supports Kerberos
in its web service. It use  {{AuthFilter}} [(AuthFilter in OOZIE)|https://github.com/apache/oozie/blob/master/core/src/main/java/org/apache/oozie/servlet/AuthFilter.java#L42]
 copys from {{AuthFilter}} [(AuthFilter in hadoop)|https://github.com/apache/hadoop/blob/e1109fb65608a668cd53dc324dadc6f63a74eeb9/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/web/AuthFilter.java#L47]
and extends [AuthenticationFilter|https://github.com/apache/hadoop/blob/ef5af4f8de91fbe7891ae3471eb03397e74e1811/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java#L128],
Hadoop Library is marked as “provide” in pom.xml. we may can add the filter {{AuthFilter}}
to our web server and override some configurations like OOZIE did, but as [~prasadm]'s comment,
we may need to find a better way for SENTRY.
And I'm nice to know [~sravya] may have any ideas about it. If there is anything I can help,
please feel free to let me know.
{quote}
AuthenticationFilter is currently tagged as private and unstable interface. We should be careful
about using implementations that could change in subsequent releases.
{quote}
Thank [~prasadm] for pointing out it.

> Add authentication support to SentryWebserver
> ---------------------------------------------
>
>                 Key: SENTRY-503
>                 URL: https://issues.apache.org/jira/browse/SENTRY-503
>             Project: Sentry
>          Issue Type: New Feature
>    Affects Versions: 1.5.0
>            Reporter: Sravya Tirukkovalur
>             Fix For: 1.5.0
>
>




--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message