hbase-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Enis Soztutar (Commented) (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HBASE-5371) Introduce AccessControllerProtocol.checkPermissions(Permission[] permissons) API
Date Thu, 16 Feb 2012 02:18:59 GMT

    [ https://issues.apache.org/jira/browse/HBASE-5371?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13209076#comment-13209076
] 

Enis Soztutar commented on HBASE-5371:
--------------------------------------

bq. It can't because it changes the protocol version of AccessControllerProtocol.
Right, since we bumped the protocol version, it will be incompatible. But without this, we
cannot continue with the patch in HCATALOG-245, which will hopefully ported to Hive as well.
What about re-changing the version to 1, since we just added a new method, but not changed
anything on the wire, it should be compatible. The only catch is that if you invoke the new
API from a new client, but the server is using the old version, you would get a NoSuchMethod
or smt. Is that asking for too much, wdyt?
                
> Introduce AccessControllerProtocol.checkPermissions(Permission[] permissons) API
> --------------------------------------------------------------------------------
>
>                 Key: HBASE-5371
>                 URL: https://issues.apache.org/jira/browse/HBASE-5371
>             Project: HBase
>          Issue Type: Sub-task
>          Components: security
>    Affects Versions: 0.94.0, 0.92.1
>            Reporter: Enis Soztutar
>            Assignee: Enis Soztutar
>             Fix For: 0.94.0
>
>         Attachments: HBASE-5371_v2.patch, HBASE-5371_v3-noprefix.patch, HBASE-5371_v3.patch
>
>
> We need to introduce something like AccessControllerProtocol.checkPermissions(Permission[]
permissions) API, so that clients can check access rights before carrying out the operations.
We need this kind of operation for HCATALOG-245, which introduces authorization providers
for hbase over hcat. We cannot use getUserPermissions() since it requires ADMIN permissions
on the global/table level.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message