You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@accumulo.apache.org by "John Vines (JIRA)" <ji...@apache.org> on 2013/04/16 23:51:16 UTC

[jira] [Commented] (ACCUMULO-1024) Deprecate built-in user management utilities

    [ https://issues.apache.org/jira/browse/ACCUMULO-1024?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13633427#comment-13633427 ] 

John Vines commented on ACCUMULO-1024:
--------------------------------------

What is your status on this ticket? I'm weary to do any 259 documentation until the dust clears. I would work on this, but you've had it marked in progress for a while. If you can give an update, I have some cycles to wrap on this.
                
> Deprecate built-in user management utilities
> --------------------------------------------
>
>                 Key: ACCUMULO-1024
>                 URL: https://issues.apache.org/jira/browse/ACCUMULO-1024
>             Project: Accumulo
>          Issue Type: Sub-task
>          Components: master, tserver
>            Reporter: Christopher Tubbs
>            Assignee: Christopher Tubbs
>             Fix For: 1.5.0
>
>
> The built-in user management functionality should be phased out, in favor of the pluggable authentication model. Any user-management functions that apply to a particular implementation of an authentication should be handled within that implementation, and not within Accumulo's core.
> This should reduce the complexity of the overall user model.
> A transition plan should be established for the prior ZKAuthenticator implementation for usernames and passwords. The former APIs for user management should continue to work as is, and pass through to the former implementation, but any new APIs for user management should not be introduced to the core (like in SecurityOperations, the shell, and 'accumulo init'), because that introduces complexity and essentially establishes a guarantee that Accumulo will handle user management for arbitrary authentication systems... which I don't think we can do generically.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira