falcon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Venkatesh Seetharam (JIRA)" <j...@apache.org>
Subject [jira] [Comment Edited] (FALCON-15) Secure Hadoop client interface
Date Tue, 11 Jun 2013 21:26:21 GMT

    [ https://issues.apache.org/jira/browse/FALCON-15?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13680688#comment-13680688
] 

Venkatesh Seetharam edited comment on FALCON-15 at 6/11/13 9:25 PM:
--------------------------------------------------------------------

[~sriksun] Thanks for your comments.

bq. Can we avoid assertion on exception messages
Unfortunately the ACL exception is not returned by a remote exception which defeats the accuracy
but made the change.

bq. This fileSystem should be created as the the feed owner. Might break, if the feed owner
hasn't given world readable privileges 
Hmmm, All the FS handles are created as a proxy in this class. Appreciate if you could look
at the uber issue as I have abandoned the subtasks. Sorry for the confusion.
 
{code}
    public String detectChanges(Path file, Map<String, Long> map, Configuration conf,
String workflowUser)
        throws Exception {
        FileSystem fileSystem = HadoopClientFactory.get().createProxiedFileSystem(
                workflowUser, file.toUri(), conf);
        BufferedReader in = new BufferedReader(new InputStreamReader(fileSystem.open(file)));
        .....

    public long usage(Path inPath, Configuration conf, String workflowUser)
        throws Exception {
        FileSystem fs = HadoopClientFactory.get().createProxiedFileSystem(
                workflowUser, inPath.toUri(), conf);
        FileStatus[] fileStatuses = fs.globStatus(inPath);
        .....
{code}

bq. Can we augment LateDataHandlerTest to test the scenarios where feed path is not world
readable?
This may not make sense when the FS is a proxy, no?
                
      was (Author: svenkat):
    [~sriksun] Thanks fro your comments.

bq. Can we avoid assertion on exception messages
Unfortunately the ACL exception is not returned by a remote exception which defeats the accuracy
but made the change.

bq. This fileSystem should be created as the the feed owner. Might break, if the feed owner
hasn't given world readable privileges 
Hmmm, All the FS handles are created as a proxy in this class. Appreciate if you could look
at the uber issue as I have abandoned the subtasks. Sorry for the confusion.
 
{code}
    public String detectChanges(Path file, Map<String, Long> map, Configuration conf,
String workflowUser)
        throws Exception {
        FileSystem fileSystem = HadoopClientFactory.get().createProxiedFileSystem(
                workflowUser, file.toUri(), conf);
        BufferedReader in = new BufferedReader(new InputStreamReader(fileSystem.open(file)));
        .....

    public long usage(Path inPath, Configuration conf, String workflowUser)
        throws Exception {
        FileSystem fs = HadoopClientFactory.get().createProxiedFileSystem(
                workflowUser, inPath.toUri(), conf);
        FileStatus[] fileStatuses = fs.globStatus(inPath);
        .....
{code}

bq. Can we augment LateDataHandlerTest to test the scenarios where feed path is not world
readable?
This may not make sense when the FS is a proxy, no?
                  
> Secure Hadoop client interface
> ------------------------------
>
>                 Key: FALCON-15
>                 URL: https://issues.apache.org/jira/browse/FALCON-15
>             Project: Falcon
>          Issue Type: Sub-task
>            Reporter: Venkatesh Seetharam
>            Assignee: Venkatesh Seetharam
>              Labels: security
>         Attachments: FALCON-15.patch
>
>


--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message