Return-Path: X-Original-To: apmail-ambari-dev-archive@www.apache.org Delivered-To: apmail-ambari-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 7D1E110BF0 for ; Mon, 24 Nov 2014 14:31:13 +0000 (UTC) Received: (qmail 90733 invoked by uid 500); 24 Nov 2014 14:31:13 -0000 Delivered-To: apmail-ambari-dev-archive@ambari.apache.org Received: (qmail 90670 invoked by uid 500); 24 Nov 2014 14:31:13 -0000 Mailing-List: contact dev-help@ambari.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@ambari.apache.org Delivered-To: mailing list dev@ambari.apache.org Received: (qmail 89728 invoked by uid 99); 24 Nov 2014 14:31:12 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 24 Nov 2014 14:31:12 +0000 X-ASF-Spam-Status: No, hits=1.5 required=5.0 tests=HTML_MESSAGE,RCVD_IN_DNSWL_LOW,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of rlevas@hortonworks.com designates 209.85.216.169 as permitted sender) Received: from [209.85.216.169] (HELO mail-qc0-f169.google.com) (209.85.216.169) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 24 Nov 2014 14:30:44 +0000 Received: by mail-qc0-f169.google.com with SMTP id w7so6883537qcr.28 for ; Mon, 24 Nov 2014 06:29:58 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:subject:message-id:date:to:mime-version :content-type; bh=Ct84+6VtUvFuK9QvNisKJE8M3AC9rLrs1cusGXXNnwA=; b=aFqZo2sRQ+TFgM2185BGyLAEzN2eWW3ZdFYg68nry2EpEh0ZQGOvyiJwHB5gDURryO CNdyHrqkppF33dHCJOn+TwEhF7JArWy1XbmlwT2wB/adTpufBjZxMdWwZUTk9VKAWA// dLm8sQ96zt4YbdJwmj5nKEFk805Ch23XggguJ4gH9rzkAsvJ+bNOkCkUGPlRtrnCpI1v BqYz8sO38d2n1n1KwgMDSBCQPOiob99HTmX+83FIzUIFZ+R703/0Hy3RDkicTksowSMH VK0b6JhzYl9qA/xNxb08BEhsuAun3UxzYo/jh+8d2PkI/HKwXTfjvX6ZRFp/1tpoWaZD 4ROA== X-Gm-Message-State: ALoCoQn6keankHQlRWlVVF+jeVREzON+SYB1jwusv8nyJi0vDURvZuhau/5u1c3Up8fcb1tuEvpLMBDL28+MKspBC7jdz6zUY4omJ4Qj9xeG9ZXsDOLBDnY= X-Received: by 10.224.68.73 with SMTP id u9mr29297486qai.75.1416839398226; Mon, 24 Nov 2014 06:29:58 -0800 (PST) Received: from hw10868.localdomain (pool-173-61-47-102.cmdnnj.fios.verizon.net. [173.61.47.102]) by mx.google.com with ESMTPSA id e6sm11931846qab.42.2014.11.24.06.29.57 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Mon, 24 Nov 2014 06:29:57 -0800 (PST) From: Robert Levas Subject: [DISCUSS] Session data made available to API resource handlers Message-Id: <4C4EA29A-D9AE-44E0-915E-07AA28EC5E47@hortonworks.com> Date: Mon, 24 Nov 2014 09:30:00 -0500 To: Ambari Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\)) X-Mailer: Apple Mail (2.1878.6) Content-Type: multipart/alternative; boundary="Apple-Mail=_94AC2F18-D4FE-43C6-81BD-7D13F2504792" X-Virus-Checked: Checked by ClamAV on apache.org --Apple-Mail=_94AC2F18-D4FE-43C6-81BD-7D13F2504792 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=windows-1252 Team=85 I thought that this might be an interesting topic to discuss. =20 I am looking at a situation where it would be nice to have a dynamically ge= nerated encryption key stored in a web server session. This key could be u= sed to encrypt sensitive data that needs to be shared across REST API calls= during that session. In the JIRA that I created for this - https://issue= s.apache.org/jira/browse/AMBARI-8426 - I propose a use-case related to the = automation of enabling (or disabling) Kerberos in a cluster.=20 If we take the more generate route that is proposed in the JIRA, we could p= ossibly do other things by storing data in the session - not just the encry= ption facility I need. However I would be happy to just have the encryptio= n key if we wanted to limit the scope of access to session data across REST= API calls. Please take a look and provide feedback or suggestions for alternative ways= I might accomplish this. Since this is needed to the upcoming 2.0.0 relea= se, I would like to have something in the works by Wednesday.=20 Thanks, Rob --=20 CONFIDENTIALITY NOTICE NOTICE: This message is intended for the use of the individual or entity to= =20 which it is addressed and may contain information that is confidential,=20 privileged and exempt from disclosure under applicable law. If the reader= =20 of this message is not the intended recipient, you are hereby notified that= =20 any printing, copying, dissemination, distribution, disclosure or=20 forwarding of this communication is strictly prohibited. If you have=20 received this communication in error, please contact the sender immediately= =20 and delete it from your system. Thank You. --Apple-Mail=_94AC2F18-D4FE-43C6-81BD-7D13F2504792--