[
https://issues.apache.org/jira/browse/HADOOP-15954?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16738207#comment-16738207
]
Steve Loughran commented on HADOOP-15954:
-----------------------------------------
I've been working on Delegation Tokens for S3A and thinking about this
Should whatever plugin that ABFS (& other stores) use for DT binding hold the
right to declare the username & group? That way, if someone is logged in with
AD, it can get user & group from that, and if a DT was issued from the logged
in user, the user & group could be added to the DT and unmarshalled at the far
end?
I don't think that'll directly impact this patch, but it is ~related...if
something like that went it, it'd be an evolution
> ABFS: Enable owner and group conversion for MSI and login user using OAuth
> --------------------------------------------------------------------------
>
> Key: HADOOP-15954
> URL: https://issues.apache.org/jira/browse/HADOOP-15954
> Project: Hadoop Common
> Issue Type: Sub-task
> Components: fs/azure
> Affects Versions: 3.2.0
> Reporter: junhua gu
> Assignee: Da Zhou
> Priority: Major
> Attachments: HADOOP-15954-001.patch, HADOOP-15954-002.patch,
> HADOOP-15954-003.patch, HADOOP-15954-004.patch, HADOOP-15954-005.patch,
> HADOOP-15954-006.patch, HADOOP-15954-007.patch
>
>
> Add support for overwriting owner and group in set/get operations to be the
> service principal id when OAuth is used. Add support for upn short name
> format.
>
> Add Standard Transformer for SharedKey / Service
> Add interface provides an extensible model for customizing the acquisition of
> Identity Transformer.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
