accumulo-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Keith Turner (JIRA)" <>
Subject [jira] [Commented] (ACCUMULO-996) explore exposing accumulo token in proxy
Date Wed, 30 Jan 2013 20:19:12 GMT


Keith Turner commented on ACCUMULO-996:

bq. Another option is to leave the client api pre-259, and just make the server side have
the pluggability, so we don't end up changing the authentication token types in quick succession.
I spent the majority of my time on the server end, and unfortunately it's showing in the code.

I still have not had a change to make a comprehensive review of this yet, its on my todo list.
But what types of configurations were you hoping to support?  Below are some possibilities.
 Do you feel the current API would support these?

 * Kerberose + LDAP
 * Username/pass + LDAP
 * Username/pass + Zookeeper

I just opened ACCUMULO-1009.  Are there standard ways for doing PKI authentication other than
SSL?  If not then that may push PKI off til 1.6, but we would still want to think through
the API implications as much as possible now.  For example in the end we may want a connection
factory that can produce authenticated (and possibly encrypted) connections to ACCUMULO servers.
 Users could supply this connection factory to Accumulo configured however they like.   

> explore exposing accumulo token in proxy
> ----------------------------------------
>                 Key: ACCUMULO-996
>                 URL:
>             Project: Accumulo
>          Issue Type: Sub-task
>          Components: proxy
>            Reporter: Keith Turner
>            Assignee: Eric Newton
>             Fix For: 1.5.0
> with the new security related changes for 1.5, do the new authentication mechanism need
to be exposed in the proxy?

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see:

View raw message