hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Benoy Antony (JIRA)" <j...@apache.org>
Subject [jira] [Comment Edited] (HADOOP-12203) Refactor Service Authorization Framework
Date Tue, 07 Jul 2015 21:15:04 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-12203?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14617406#comment-14617406
] 

Benoy Antony edited comment on HADOOP-12203 at 7/7/15 9:14 PM:
---------------------------------------------------------------

Please review HADOOP-10679 for more detailed requirements and design document.

As part of generalization, an interface _AuthorizationManager<T>_ is defined. _DefaultAuthorizationManager<T>_
implements
_AuthorizationManager<T>_. _ServiceAuthorizationManager_ extends _DefaultAuthorizationManager<Class?>_
and is used for
authorize RPC calls. 

The DefaultAuthorizationManager internally uses _AuthorizationManagerHelper<T>_. Most
of the logic in original_ServiceAuthorizationManager_ is moved to_AuthorizationManagerHelper<T>_
.

The class diagram and sequence diagrams are in the design document in  HADOOP-10679.


was (Author: benoyantony):
Please review HADOOP-10679 for more detailed requirements and design document.

As part of generalization, an interface AuthorizationManager<T> is defined. DefaultAuthorizationManager<T>
implements
AuthorizationManager<T>. ServiceAuthorizationManager extends DefaultAuthorizationManager<Class?>
and is used for
authorize RPC calls.

> Refactor Service Authorization Framework
> ----------------------------------------
>
>                 Key: HADOOP-12203
>                 URL: https://issues.apache.org/jira/browse/HADOOP-12203
>             Project: Hadoop Common
>          Issue Type: Sub-task
>          Components: security
>            Reporter: Benoy Antony
>            Assignee: Benoy Antony
>
> Refactor Service Authorization Framework so that same framework can be used to authenticate
requests for RPC and web resources.
> The _ServiceAuthorizationManager_ uses a Class object to identify the RPC protocol that
the user is trying to access. While this works for an RPC protocol, it will not work in general.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message