hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Allen Wittenauer (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-11683) Need a plugin API to translate long principal names to local OS user names arbitrarily
Date Fri, 06 Mar 2015 21:39:38 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-11683?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14350943#comment-14350943
] 

Allen Wittenauer commented on HADOOP-11683:
-------------------------------------------

bq. I do have some reservations against making this is User specified class though. Considering
that this would be user code that would be executed within possibly critical sections of the
HDFS code.

This is the "enough rope to hang yourself" principle.  It should be hard to do, but not impossible.
 The vast majority of folks will use the built-in stuff, but the edge case people need it.
 Besides, we already have user-code running in the NN now.

> Need a plugin API to translate long principal names to local OS user names arbitrarily
> --------------------------------------------------------------------------------------
>
>                 Key: HADOOP-11683
>                 URL: https://issues.apache.org/jira/browse/HADOOP-11683
>             Project: Hadoop Common
>          Issue Type: Improvement
>          Components: security
>            Reporter: Sunny Cheung
>
> We need a plugin API to translate long principal names (e.g. john.doe@EXAMPLE.COM) to
local OS user names (e.g. user123456) arbitrarily.
> For some organizations the name translation is straightforward (e.g. john.doe@EXAMPLE.COM
to john_doe), and the hadoop.security.auth_to_local configurable mapping is sufficient to
resolve this (see HADOOP-6526). However, in some other cases the name translation is arbitrary
and cannot be generalized by a set of translation rules easily.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message