You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@sqoop.apache.org by Jarek Cecho <ja...@apache.org> on 2016/02/02 21:43:10 UTC
Re: Review Request 42785: SQOOP-2807: Sqoop2: Add admin user list to
configuration file
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/42785/#review117464
-----------------------------------------------------------
I have one high level comment - how does this work with the "usual" RBAC that we have (for example the Sentry conrete plugin)? Aren't we introducing yet another authorization framework by any chance?
- Jarek Cecho
On Jan. 26, 2016, 5:50 a.m., Colin Ma wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/42785/
> -----------------------------------------------------------
>
> (Updated Jan. 26, 2016, 5:50 a.m.)
>
>
> Review request for Sqoop and Colin Ma.
>
>
> Bugs: SQOOP-2807
> https://issues.apache.org/jira/browse/SQOOP-2807
>
>
> Repository: sqoop-sqoop2
>
>
> Description
> -------
>
> Add admin user list to configuration file, and Sqoop can do the admin authorization according to the value.
> For example:
> org.apache.sqoop.security.admins=admin1,admin2
>
>
> Diffs
> -----
>
> core/src/main/java/org/apache/sqoop/security/AuthorizationManager.java 4afdf02
> core/src/main/java/org/apache/sqoop/security/SecurityConstants.java 6f32e04
> dist/src/main/conf/sqoop.properties 2895530
>
> Diff: https://reviews.apache.org/r/42785/diff/
>
>
> Testing
> -------
>
>
> Thanks,
>
> Colin Ma
>
>
Re: Review Request 42785: SQOOP-2807: Sqoop2: Add admin user list to
configuration file
Posted by Colin Ma <ju...@intel.com>.
> On Feb. 2, 2016, 8:43 p.m., Jarek Cecho wrote:
> > I have one high level comment - how does this work with the "usual" RBAC that we have (for example the Sentry conrete plugin)? Aren't we introducing yet another authorization framework by any chance?
Thanks for bring it up, currently, AuthorizationEngine.checkPrivilege() is responsible for the authorization, how about check the admin list first and do the authorization if not an admin?
I'll update the patch with this change.
- Colin
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/42785/#review117464
-----------------------------------------------------------
On Jan. 26, 2016, 5:50 a.m., Colin Ma wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/42785/
> -----------------------------------------------------------
>
> (Updated Jan. 26, 2016, 5:50 a.m.)
>
>
> Review request for Sqoop and Colin Ma.
>
>
> Bugs: SQOOP-2807
> https://issues.apache.org/jira/browse/SQOOP-2807
>
>
> Repository: sqoop-sqoop2
>
>
> Description
> -------
>
> Add admin user list to configuration file, and Sqoop can do the admin authorization according to the value.
> For example:
> org.apache.sqoop.security.admins=admin1,admin2
>
>
> Diffs
> -----
>
> core/src/main/java/org/apache/sqoop/security/AuthorizationManager.java 4afdf02
> core/src/main/java/org/apache/sqoop/security/SecurityConstants.java 6f32e04
> dist/src/main/conf/sqoop.properties 2895530
>
> Diff: https://reviews.apache.org/r/42785/diff/
>
>
> Testing
> -------
>
>
> Thanks,
>
> Colin Ma
>
>