You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-issues@hadoop.apache.org by "Kai Zheng (JIRA)" <ji...@apache.org> on 2012/10/19 04:40:04 UTC
[jira] [Created] (HADOOP-8943) Enable to support multiple ADs and
different group mapping for different user
Kai Zheng created HADOOP-8943:
---------------------------------
Summary: Enable to support multiple ADs and different group mapping for different user
Key: HADOOP-8943
URL: https://issues.apache.org/jira/browse/HADOOP-8943
Project: Hadoop Common
Issue Type: Improvement
Components: security
Reporter: Kai Zheng
Fix For: 2.0.3-alpha
Discussed with Natty about LdapGroupMapping, we need to improve it so that:
1. It's possible to do different group mapping for different users/principals. For example, AD user should go to LdapGroupMapping service for group, but service principals such as hdfs, mapred can still use the default one ShellBasedUnixGroupsMapping;
2. Multiple ADs can be supported to do LdapGroupMapping;
3. It's possible to configure what kind of users/principals (regarding domain/realm is an option) should use which group mapping service/mechanism.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (HADOOP-8943) Enable to support multiple ADs and
different group mapping for different user
Posted by "Kai Zheng (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HADOOP-8943?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Kai Zheng updated HADOOP-8943:
------------------------------
Attachment: HADOOP-8943.patch
Initial patch for review.
> Enable to support multiple ADs and different group mapping for different user
> -----------------------------------------------------------------------------
>
> Key: HADOOP-8943
> URL: https://issues.apache.org/jira/browse/HADOOP-8943
> Project: Hadoop Common
> Issue Type: Improvement
> Components: security
> Reporter: Kai Zheng
> Fix For: 2.0.3-alpha
>
> Attachments: HADOOP-8943.patch
>
> Original Estimate: 504h
> Remaining Estimate: 504h
>
> Discussed with Natty about LdapGroupMapping, we need to improve it so that:
> 1. It's possible to do different group mapping for different users/principals. For example, AD user should go to LdapGroupMapping service for group, but service principals such as hdfs, mapred can still use the default one ShellBasedUnixGroupsMapping;
> 2. Multiple ADs can be supported to do LdapGroupMapping;
> 3. It's possible to configure what kind of users/principals (regarding domain/realm is an option) should use which group mapping service/mechanism.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (HADOOP-8943) Enable to support multiple ADs and
different group mapping for different user
Posted by "Tianyou Li (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HADOOP-8943?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Tianyou Li updated HADOOP-8943:
-------------------------------
Description:
Discussed with Natty about LdapGroupMapping, we need to improve it so that:
1. It's possible to do different group mapping for different users/principals. For example, AD user should go to LdapGroupMapping service for group, but service principals such as hdfs, mapred can still use the default one ShellBasedUnixGroupsMapping;
2. Multiple ADs can be supported to do LdapGroupMapping;
3. It's possible to configure what kind of users/principals (regarding domain/realm is an option) should use which group mapping service/mechanism.
was:
> Enable to support multiple ADs and different group mapping for different user
> -----------------------------------------------------------------------------
>
> Key: HADOOP-8943
> URL: https://issues.apache.org/jira/browse/HADOOP-8943
> Project: Hadoop Common
> Issue Type: Improvement
> Components: security
> Reporter: Kai Zheng
> Fix For: 2.0.3-alpha
>
> Original Estimate: 504h
> Remaining Estimate: 504h
>
> Discussed with Natty about LdapGroupMapping, we need to improve it so that:
> 1. It's possible to do different group mapping for different users/principals. For example, AD user should go to LdapGroupMapping service for group, but service principals such as hdfs, mapred can still use the default one ShellBasedUnixGroupsMapping;
> 2. Multiple ADs can be supported to do LdapGroupMapping;
> 3. It's possible to configure what kind of users/principals (regarding domain/realm is an option) should use which group mapping service/mechanism.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (HADOOP-8943) Enable to support multiple ADs and
different group mapping for different user
Posted by "Tianyou Li (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HADOOP-8943?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Tianyou Li updated HADOOP-8943:
-------------------------------
Description: (was: Discussed with Natty about LdapGroupMapping, we need to improve it so that:
1. It's possible to do different group mapping for different users/principals. For example, AD user should go to LdapGroupMapping service for group, but service principals such as hdfs, mapred can still use the default one ShellBasedUnixGroupsMapping;
2. Multiple ADs can be supported to do LdapGroupMapping;
3. It's possible to configure what kind of users/principals (regarding domain/realm is an option) should use which group mapping service/mechanism.
)
> Enable to support multiple ADs and different group mapping for different user
> -----------------------------------------------------------------------------
>
> Key: HADOOP-8943
> URL: https://issues.apache.org/jira/browse/HADOOP-8943
> Project: Hadoop Common
> Issue Type: Improvement
> Components: security
> Reporter: Kai Zheng
> Fix For: 2.0.3-alpha
>
> Original Estimate: 504h
> Remaining Estimate: 504h
>
>
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira