accumulo-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Christopher Tubbs (JIRA)" <>
Subject [jira] [Commented] (ACCUMULO-3375) Move user and permission data into a table
Date Mon, 01 Dec 2014 23:49:13 GMT


Christopher Tubbs commented on ACCUMULO-3375:

bq. I think I thought the same thing initially, but how much of that is because of how we
have implemented the user system to begin with? Consider a large organization with authentication
via an external system like LDAP or Kerberos. Having a scalable store provided by us would
be nicer for all those permissions/authorizations/etc. Need some more measurable numbers behind

Yes, that was the point of ACCUMULO-259.

> Move user and permission data into a table
> ------------------------------------------
>                 Key: ACCUMULO-3375
>                 URL:
>             Project: Accumulo
>          Issue Type: Improvement
>            Reporter: Josh Elser
>            Priority: Minor
> We currently use ZooKeeper to store the user database (name and password) in addition
to the authorizations and permissions for each user.
> ZooKeeper is designed for distributed configuration and synchronization/coordination
tasks; it is not designed to be a persistent store. In this case it would be better to use
a table to manage this information.
> I think this might reduce some complexity in managing that database, notably better recovery
if ZK dies for some reason. Having a table might trivialize import/export of the user database
(ACCUMULO-1722 is what made me think of this).

This message was sent by Atlassian JIRA

View raw message