hadoop-common-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Doug Cutting (JIRA)" <j...@apache.org>
Subject [jira] Commented: (HADOOP-1298) adding user info to file
Date Wed, 19 Sep 2007 17:21:13 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-1298?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12528826
] 

Doug Cutting commented on HADOOP-1298:
--------------------------------------

Sameer: I share your efficiency concerns, I just wanted to note that connection-oriented authentication
may require considerable changes to our use of RPC, and thus has a non-trivial implementation
cost.  The current proposal, adding parameters, can be tested and developed without reworking
the RPC system, which is a significant advantage.  We may find that it underperforms on large
clusters, and, until that is fixed (perhaps by per-connection authentication) we may not deploy
a ticket mechanism that uses encryption on large clusters.  We change RPC protocol versions
nearly every release anyway, so I don't see that as a major cost.

So we might protototype and benchmark w/ tickets as parameters, then decide whether we need
to move to connection-based authentication before we commit.  As a micro benchmark, we could
measure how many tickets can be validated per second and compare that to our expected RPC
rates.

> adding user info to file
> ------------------------
>
>                 Key: HADOOP-1298
>                 URL: https://issues.apache.org/jira/browse/HADOOP-1298
>             Project: Hadoop
>          Issue Type: New Feature
>          Components: dfs, fs
>            Reporter: Kurtis Heimerl
>            Assignee: Christophe Taton
>             Fix For: 0.15.0
>
>         Attachments: 1298_2007-09-06b.patch, 1298_2007-09-07g.patch, hadoop-user-munncha.patch17
>
>
> I'm working on adding a permissions model to hadoop's DFS. The first step is this change,
which associates user info with files. Following this I'll assoicate permissions info, then
block methods based on that user info, then authorization of the user info. 
> So, right now i've implemented adding user info to files. I'm looking for feedback before
I clean this up and make it offical. 
> I wasn't sure what release, i'm working off trunk. 

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message