hbase-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jimmy Xiang (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HBASE-8662) [rest] support impersonation
Date Wed, 19 Jun 2013 23:04:20 GMT

    [ https://issues.apache.org/jira/browse/HBASE-8662?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13688600#comment-13688600
] 

Jimmy Xiang commented on HBASE-8662:
------------------------------------

Sure, I can reuse the AuthFilter.  I can get the https support related code as well.

As to proxy users per method, the issue is some security concern. Should we do the authorization
check for each method based on the proxy users?  If so, it may be too expensive.  Currently,
the proxy user authorization could check the user's group based on the setting. 
                
> [rest] support impersonation
> ----------------------------
>
>                 Key: HBASE-8662
>                 URL: https://issues.apache.org/jira/browse/HBASE-8662
>             Project: HBase
>          Issue Type: Sub-task
>          Components: REST, security
>            Reporter: Jimmy Xiang
>            Assignee: Jimmy Xiang
>             Fix For: 0.98.0
>
>         Attachments: method_doas.patch, secure_rest.patch, trunk-8662.patch, trunk-8662_v2.patch,
trunk-8662_v3.patch
>
>
> Currently, our client API uses a fixed user: the current user. It should accept a user
passed in, if authenticated.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message