Return-Path: X-Original-To: apmail-hadoop-common-issues-archive@minotaur.apache.org Delivered-To: apmail-hadoop-common-issues-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 5040910F2D for ; Tue, 22 Oct 2013 01:27:44 +0000 (UTC) Received: (qmail 50854 invoked by uid 500); 22 Oct 2013 01:27:43 -0000 Delivered-To: apmail-hadoop-common-issues-archive@hadoop.apache.org Received: (qmail 50845 invoked by uid 500); 22 Oct 2013 01:27:43 -0000 Mailing-List: contact common-issues-help@hadoop.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: common-issues@hadoop.apache.org Delivered-To: mailing list common-issues@hadoop.apache.org Received: (qmail 50835 invoked by uid 99); 22 Oct 2013 01:27:43 -0000 Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 22 Oct 2013 01:27:43 +0000 Date: Tue, 22 Oct 2013 01:27:43 +0000 (UTC) From: "Yi Liu (JIRA)" To: common-issues@hadoop.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Updated] (HADOOP-9836) Token definition and API MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/HADOOP-9836?page=3Dcom.atlassi= an.jira.plugin.system.issuetabpanels:all-tabpanel ] Yi Liu updated HADOOP-9836: --------------------------- Status: Patch Available (was: Open) Update the patch. This patch includes interfaces of Token, IdentityToken and AccessToken. Dev= elopers can extend these interfaces to do customization. Token is issued to= user by service and will be used in the users=E2=80=99 following requests. In general, a token contains subject, timestamps, audiences, attributes and= so on, and this patch also includes the definition of these items. A token= should be able to be signed and encrypted, and admin can renew or cancel t= he token. This patch define =E2=80=9CSecurityManager=E2=80=9D and =E2=80=9C= TokenRenewer=E2=80=9D interfaces which should be implemented for specific t= oken. > Token definition and API > ------------------------ > > Key: HADOOP-9836 > URL: https://issues.apache.org/jira/browse/HADOOP-9836 > Project: Hadoop Common > Issue Type: Sub-task > Components: security > Affects Versions: 3.0.0 > Reporter: Yi Liu > Labels: Rhino > Attachments: HADOOP-9836.patch, HADOOP-9836.patch > > > We need to define common token attributes and APIs for TokenAuth framewor= k which makes the arbitrary token format can be adopted into the framework.= =20 > This JIRA is a sub-task of TokenAuth framework. Common token properties, = APIs and facilities that identity/access token requires will be defined. In= this JIRA, we'll: > =E2=80=A2=09Define Token generation API, includes Token serialization/des= erialization, Token encryption/sign and Token revoke/expire/renew. > =E2=80=A2=09Define Token validation API, includes Token decryption/verify= and Token check(timestamp, audience, etc) > =E2=80=A2=09Define Token Attribute API, includes attributes setting, quer= y and so on. > =E2=80=A2=09Define required attributes and optional attributes for identi= ty token and access token.=20 > =E2=80=A2=09Implement Token Utilities, such as print/debug. -- This message was sent by Atlassian JIRA (v6.1#6144)