accumulo-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "John Vines (JIRA)" <j...@apache.org>
Subject [jira] [Resolved] (ACCUMULO-1681) Adjust Authorizor Interface to validate auths instead of retrieving a list
Date Mon, 28 Oct 2013 23:16:32 GMT

     [ https://issues.apache.org/jira/browse/ACCUMULO-1681?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

John Vines resolved ACCUMULO-1681.
----------------------------------

    Resolution: Fixed

> Adjust Authorizor Interface to validate auths instead of retrieving a list
> --------------------------------------------------------------------------
>
>                 Key: ACCUMULO-1681
>                 URL: https://issues.apache.org/jira/browse/ACCUMULO-1681
>             Project: Accumulo
>          Issue Type: Bug
>          Components: tserver
>            Reporter: John Vines
>            Assignee: John Vines
>             Fix For: 1.6.0
>
>         Attachments: ACCUMULO-1681.patch, ACCUMULO-1681.v2.patch
>
>
> Currently the Authorizor interface is used to request a set of authorizations which then
get checked against the authorizations a user is attempting to use. However, some security
systems only support the ability to validate authorizations/permissions/roles and not provide
a list. That makes these systems (entirely) incompatible with Accumulo when they don't have
to be.
> We should switch the behavior of Accumulo to ask the Authorizor (via SecurityOperations)
if the auths are valid. The existing getAuths functionality will still use that call and would
have potentially limited support, similar to the potentially limited support of any of the
set operations.



--
This message was sent by Atlassian JIRA
(v6.1#6144)

Mime
View raw message