You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@accumulo.apache.org by "Keith Turner (JIRA)" <ji...@apache.org> on 2013/01/28 19:33:14 UTC
[jira] [Commented] (ACCUMULO-996) explore exposing accumulo token
in proxy
[ https://issues.apache.org/jira/browse/ACCUMULO-996?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13564493#comment-13564493 ]
Keith Turner commented on ACCUMULO-996:
---------------------------------------
What do people think about doing the following in the proxy instead of always passing user pass?
{code}
struct ProxyToken {
long token;
}
ProxyToken authenticateUserPass(UserPass up);
ProxyToken authenticateKerberose(KerberoseToken kt);
i32 addConstraint (1:ProxyToken token, 2:string tableName, 3:string constraintClassName)
{code}
This would allow the proxy to use different authetication mechanisms. The token woudl be transient, generated using secure random, and time out when inactive.
> explore exposing accumulo token in proxy
> ----------------------------------------
>
> Key: ACCUMULO-996
> URL: https://issues.apache.org/jira/browse/ACCUMULO-996
> Project: Accumulo
> Issue Type: Sub-task
> Components: proxy
> Reporter: Keith Turner
> Assignee: Eric Newton
> Fix For: 1.5.0
>
>
> with the new security related changes for 1.5, do the new authentication mechanism need to be exposed in the proxy?
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira