You are viewing a plain text version of this content. The canonical link for it is here.

Posted to common-issues@hadoop.apache.org by "Benoy Antony (JIRA)" <ji...@apache.org> on 2015/01/07 23:43:34 UTC

[jira] [Commented] (HADOOP-10654) Support pluggable mechanism to specify Service Authorization

    [ https://issues.apache.org/jira/browse/HADOOP-10654?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14268428#comment-14268428 ] 

Benoy Antony commented on HADOOP-10654:
---------------------------------------

It makes sense to implement the pluggability enhancement along with HADOOP-10679. So this jira can be ignored for now.

> Support pluggable mechanism to specify Service Authorization
> ------------------------------------------------------------
>
>                 Key: HADOOP-10654
>                 URL: https://issues.apache.org/jira/browse/HADOOP-10654
>             Project: Hadoop Common
>          Issue Type: Sub-task
>          Components: security
>            Reporter: Benoy Antony
>            Assignee: Benoy Antony
>         Attachments: HADOOP-10654.patch
>
>
> The service authorization can be specified via hadoop-policy.xml for different services(protocols) using ACLS ( list of users and groups) . The other subtasks will improve the standard behavior. 
> In some case, further special handling is required to restrict access based on few other external characteristics of the user for special clusters. Such special authorization requirements can be met if it is possible to plugin authorization mechanisms at this point.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)