hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Benoy Antony (JIRA)" <j...@apache.org>
Subject [jira] [Created] (HADOOP-10651) Add ability to control service authorization using IP addresses and hostnames
Date Mon, 02 Jun 2014 01:49:01 GMT
Benoy Antony created HADOOP-10651:
-------------------------------------

             Summary: Add ability to control service authorization using IP addresses and
hostnames
                 Key: HADOOP-10651
                 URL: https://issues.apache.org/jira/browse/HADOOP-10651
             Project: Hadoop Common
          Issue Type: Sub-task
          Components: security
            Reporter: Benoy Antony
            Assignee: Benoy Antony


In some use cases, it make sense to authorize the usage of some services only from specific
hosts. Just like ACLS for Service Authorization , there can be a list of hosts for each service
and this list can be checked during authorization. 

Similar to ACLS, there can be a whitelist of ip and blacklist of ips. The default whitelist
will be * and default blacklist will be empty. It should be possible to override the default
whitelist and default blacklist. It should be possible to define whitelist and blacklist per
service.
It should be possible to define ip ranges in blacklists and whitelists



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message