You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-issues@hadoop.apache.org by "Jakob Homan (JIRA)" <ji...@apache.org> on 2009/12/02 02:59:20 UTC
[jira] Commented: (HADOOP-4656) Add a user to groups mapping
service
[ https://issues.apache.org/jira/browse/HADOOP-4656?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12784586#action_12784586 ]
Jakob Homan commented on HADOOP-4656:
-------------------------------------
Reviewed patch:
* Nit: Calling an abstract class GroupMappingImpl seems a bit odd, even if it is technically correct for this. Service provider, maybe?
* In Groups.java the previous timer-based code is still present, but commented out. Needs removed.
* Note: HADOOP-6299, if added as-is from the draft posted, will introduce code duplication in terms of executing the shell. When that code is reviewed, we should try to eliminate that.
* In the unit test, principal is spelled as principle.
* In the second-to-last line of the unit test, there is a spelling error of subject.
* The provided unit test is very happy pathy. It'd be great if there were more testing of failures. Gary suggested testing what happens if we pass a user name that doesn't exist.
> Add a user to groups mapping service
> -------------------------------------
>
> Key: HADOOP-4656
> URL: https://issues.apache.org/jira/browse/HADOOP-4656
> Project: Hadoop Common
> Issue Type: Improvement
> Components: security
> Affects Versions: 0.19.0
> Reporter: Arun C Murthy
> Assignee: Boris Shkolnik
> Attachments: HADOOP-4656-1.patch, HADOOP-4656-2.patch, HADOOP-4656.patch, HADOOP-4656_0_20090108.patch
>
>
> Currently the IPC client sends the UGI which contains the user/group information for the Server. However this represents the groups for the user on the client-end. The more pertinent mapping from user to groups is actually the one seen by the Server. Hence the client should only send the user and we should add a 'group mapping service' so that the Server can query it for the mapping.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.