accumulo-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Keith Turner (JIRA)" <>
Subject [jira] [Commented] (ACCUMULO-996) explore exposing accumulo token in proxy
Date Mon, 28 Jan 2013 20:07:13 GMT


Keith Turner commented on ACCUMULO-996:

bq. This will work for the tokens we provide, but not for any developer-user generated tokens.
However, it's better than nothing.

Could possibly do something like the following to make it more extensible. The user could
then plug things into the proxy to handle arbitrary authentication.  

   //authClass : a java class to use in the proxy for authentication
   ProxyToken authenticate(String authClass, binary authdata);


But this is probably not general enough.  PKI authentication will not be a one shot rpc, it
will be series of challenges and responses.   So its probably not worth generalizing at this
point.  Just create specialized authentication methods for now.

Also I am thinking that ProxyToken should contain a byte array instead of a long.  This way
it can be contain different data for different authentication methods. 
> explore exposing accumulo token in proxy
> ----------------------------------------
>                 Key: ACCUMULO-996
>                 URL:
>             Project: Accumulo
>          Issue Type: Sub-task
>          Components: proxy
>            Reporter: Keith Turner
>            Assignee: Eric Newton
>             Fix For: 1.5.0
> with the new security related changes for 1.5, do the new authentication mechanism need
to be exposed in the proxy?

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see:

View raw message