Return-Path: 
 <notifications-return-9358-apmail-accumulo-notifications-archive=accumulo.apache.org@accumulo.apache.org>
X-Original-To: apmail-accumulo-notifications-archive@minotaur.apache.org
Delivered-To: apmail-accumulo-notifications-archive@minotaur.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 5D7C51032E
	for <apmail-accumulo-notifications-archive@minotaur.apache.org>;
 Tue,  3 Sep 2013 22:03:52 +0000 (UTC)
Received: (qmail 8605 invoked by uid 500); 3 Sep 2013 22:03:52 -0000
Delivered-To: apmail-accumulo-notifications-archive@accumulo.apache.org
Received: (qmail 8544 invoked by uid 500); 3 Sep 2013 22:03:52 -0000
Mailing-List: contact notifications-help@accumulo.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:notifications-help@accumulo.apache.org>
List-Unsubscribe: <mailto:notifications-unsubscribe@accumulo.apache.org>
List-Post: <mailto:notifications@accumulo.apache.org>
List-Id: <notifications.accumulo.apache.org>
Reply-To: jira@apache.org
Delivered-To: mailing list notifications@accumulo.apache.org
Received: (qmail 8417 invoked by uid 99); 3 Sep 2013 22:03:51 -0000
Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28)
    by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 03 Sep 2013 22:03:51 +0000
Date: Tue, 3 Sep 2013 22:03:51 +0000 (UTC)
From: "John Vines (JIRA)" <jira@apache.org>
To: notifications@accumulo.apache.org
Message-ID: <JIRA.12666769.1378245743089.74047.1378245831905@arcas>
In-Reply-To: <JIRA.12666769.1378245743089@arcas>
References: <JIRA.12666769.1378245743089@arcas>
Subject: [jira] [Created] (ACCUMULO-1681) Adjust Authorizor Interface to
 validate auths instead of retrieving a list
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394

John Vines created ACCUMULO-1681:
------------------------------------

             Summary: Adjust Authorizor Interface to validate auths instead of retrieving a list
                 Key: ACCUMULO-1681
                 URL: https://issues.apache.org/jira/browse/ACCUMULO-1681
             Project: Accumulo
          Issue Type: Bug
          Components: tserver
            Reporter: John Vines
            Assignee: John Vines
             Fix For: 1.6.0


Currently the Authorizor interface is used to request a set of authorizations which then get checked against the authorizations a user is attempting to use. However, some security systems only support the ability to validate authorizations/permissions/roles and not provide a list. That makes these systems (entirely) incompatible with Accumulo when they don't have to be.

We should switch the behavior of Accumulo to ask the Authorizor (via SecurityOperations) if the auths are valid. The existing getAuths functionality will still use that call and would have potentially limited support, similar to the potentially limited support of any of the set operations.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira