[jira] [Commented] (HADOOP-10776) Open up already widely-used APIs for delegation-token fetching & renewal to ecosystem projects

Thu, 24 Nov 2016 10:21:15 -0800 

    [ 
https://issues.apache.org/jira/browse/HADOOP-10776?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15693961#comment-15693961
 ] 

Hudson commented on HADOOP-10776:
---------------------------------

SUCCESS: Integrated in Jenkins build Hadoop-trunk-Commit #10890 (See 
[https://builds.apache.org/job/Hadoop-trunk-Commit/10890/])
HADOOP-10776 Open up already widely-used APIs for delegation-token (stevel: rev 
01665e456de8d79000ce273dded5ea53aa62965a)
* (edit) 
hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AccessControlException.java
* (edit) 
hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/UserGroupInformation.java
* (edit) 
hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/authorize/AuthorizationException.java
* (edit) 
hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/AbstractDelegationTokenIdentifier.java
* (edit) 
hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FileSystem.java
* (edit) 
hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/Credentials.java
* (edit) 
hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/SecurityUtil.java
* (edit) 
hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/AbstractDelegationTokenSecretManager.java
* (edit) 
hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/Token.java


> Open up already widely-used APIs for delegation-token fetching & renewal to 
> ecosystem projects
> ----------------------------------------------------------------------------------------------
>
>                 Key: HADOOP-10776
>                 URL: https://issues.apache.org/jira/browse/HADOOP-10776
>             Project: Hadoop Common
>          Issue Type: Improvement
>            Reporter: Robert Joseph Evans
>            Assignee: Vinod Kumar Vavilapalli
>            Priority: Blocker
>             Fix For: 2.8.0
>
>         Attachments: HADOOP-10776-20160822.txt, 
> HADOOP-10776-branch-2-002.patch, HADOOP-10776-branch-2-003.patch
>
>
> Storm would like to be able to fetch delegation tokens and forward them on to 
> running topologies so that they can access HDFS (STORM-346).  But to do so we 
> need to open up access to some of APIs. 
> Most notably FileSystem.addDelegationTokens(), Token.renew, 
> Credentials.getAllTokens, and UserGroupInformation but there may be others.
> At a minimum adding in storm to the list of allowed API users. But ideally 
> making them public. Restricting access to such important functionality to 
> just MR really makes secure HDFS inaccessible to anything except MR, or tools 
> that reuse MR input formats.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to