You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@sentry.apache.org by "Sravya Tirukkovalur (JIRA)" <ji...@apache.org> on 2015/08/20 06:28:46 UTC

[jira] [Updated] (SENTRY-750) Use the Sqoop Server principal as the requester when removing the Sqoop resource

     [ https://issues.apache.org/jira/browse/SENTRY-750?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Sravya Tirukkovalur updated SENTRY-750:
---------------------------------------
    Fix Version/s: 1.6.0

> Use the Sqoop Server principal as the requester when removing the Sqoop resource
> --------------------------------------------------------------------------------
>
>                 Key: SENTRY-750
>                 URL: https://issues.apache.org/jira/browse/SENTRY-750
>             Project: Sentry
>          Issue Type: Bug
>    Affects Versions: 1.6.0
>            Reporter: guoquan
>            Assignee: guoquan
>             Fix For: 1.6.0
>
>         Attachments: SENTRY-750.001.patch
>
>
> When the user1 is the owner of job1, the user1 can delete job1. The Sqoop Server receives the user1's request for deleting job1. It will check the job1's owner, if the owner equals user1, the Sqoop server will not do the authorizaiton check. When the repository delete the job1, the Sqoop server will send a request to Sentry service for removing the privileges related the job1. The Sqoop Server should send the server principal as the requestor to Sentry Service not the user1. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)