You are viewing a plain text version of this content. The canonical link for it is here.

Posted to common-dev@hadoop.apache.org by "Anandsagar Kothapalli (JIRA)" <ji...@apache.org> on 2017/06/23 00:40:02 UTC

[jira] [Created] (HADOOP-14579) Azure: Add Kerberos and Delegation token support to ADLS client.

Anandsagar Kothapalli created HADOOP-14579:
----------------------------------------------

             Summary: Azure: Add Kerberos and Delegation token support to ADLS client.
                 Key: HADOOP-14579
                 URL: https://issues.apache.org/jira/browse/HADOOP-14579
             Project: Hadoop Common
          Issue Type: Improvement
          Components: fs/azure
    Affects Versions: 2.8.0
            Reporter: Anandsagar Kothapalli
            Assignee: Santhosh G Nayak
             Fix For: 2.9.0, 3.0.0-alpha4


Current implementation of Azure storage client for Hadoop ({{WASB}}) does not support Kerberos Authentication and FileSystem authorization, which makes it unusable in secure environments with multi user setup. 
To make {{WASB}} client more suitable to run in Secure environments, there are 2 initiatives under way for providing the authorization (HADOOP-13930) and fine grained access control (HADOOP-13863) support.

This JIRA is created to add Kerberos and delegation token support to {{WASB}} client to fetch Azure Storage SAS keys (from Remote service as discussed in HADOOP-13863), which provides fine grained timed access to containers and blobs. 
For delegation token management, the proposal is it use the same REST service which being used to generate the SAS Keys.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-dev-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-dev-help@hadoop.apache.org