accumulo-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Christopher Tubbs (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (ACCUMULO-3375) Move user and permission data into a table
Date Mon, 01 Dec 2014 23:49:13 GMT

    [ https://issues.apache.org/jira/browse/ACCUMULO-3375?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14230707#comment-14230707
] 

Christopher Tubbs commented on ACCUMULO-3375:
---------------------------------------------

bq. I think I thought the same thing initially, but how much of that is because of how we
have implemented the user system to begin with? Consider a large organization with authentication
via an external system like LDAP or Kerberos. Having a scalable store provided by us would
be nicer for all those permissions/authorizations/etc. Need some more measurable numbers behind
it.

Yes, that was the point of ACCUMULO-259.

> Move user and permission data into a table
> ------------------------------------------
>
>                 Key: ACCUMULO-3375
>                 URL: https://issues.apache.org/jira/browse/ACCUMULO-3375
>             Project: Accumulo
>          Issue Type: Improvement
>            Reporter: Josh Elser
>            Priority: Minor
>
> We currently use ZooKeeper to store the user database (name and password) in addition
to the authorizations and permissions for each user.
> ZooKeeper is designed for distributed configuration and synchronization/coordination
tasks; it is not designed to be a persistent store. In this case it would be better to use
a table to manage this information.
> I think this might reduce some complexity in managing that database, notably better recovery
if ZK dies for some reason. Having a table might trivialize import/export of the user database
(ACCUMULO-1722 is what made me think of this).



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message