[jira] [Created] (HADOOP-9812) Authorization service for HAS

["Jerry Chen (JIRA)" <ji...@apache.org>]

Jerry Chen created HADOOP-9812:
----------------------------------

             Summary: Authorization service for HAS
                 Key: HADOOP-9812
                 URL: https://issues.apache.org/jira/browse/HADOOP-9812
             Project: Hadoop Common
          Issue Type: Task
          Components: security
            Reporter: Jerry Chen


This task defines and implements Authorization Server role for HAS.  First, it provides the service level access token based authorization for HAS.  It also provides fine-grained access control mechanisms for Hadoop to further enforce fine-grained access control for specific components, such as HDFS. This role along with related services can be configured into one HAS deployment. The scope of this task is highlighted as following:
  * Implement access token service defined in TokenAuth framework. The access token service provides service level authorization and grants access token according to the identity token and access permissions.
  * Define and implement authorization policy service in HAS for Hadoop services to retrieve and synchronize authorization policies.
  * Implement and provide authorization policy management, allowing admin to create and manage authorization policies to authorize system and resource accesses employing different authorization models with corresponding editors and tools;
  * Implement and provide authorization management facility, allowing admin to configure global settings and manage authorization policies across the system for the domain.


--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira