[
https://issues.apache.org/jira/browse/HADOOP-8779?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13477497#comment-13477497
]
Kan Zhang commented on HADOOP-8779:
-----------------------------------
I agree the use of tokens for subsequent authentication (referred to as
internal auth in previous discussions, but maybe subsequent auth is a better
name?) shouldn't be limited to Kerberos authenticated initial connections
(referred to as external auth in previous discussions, but maybe initial auth
is better name?). However, IMHO, we should give users the option not to use
tokens for subsequent authentication, as is the case when security is turned
off today. See HDFS-4056 for more discussion.
https://issues.apache.org/jira/browse/HDFS-4056?focusedCommentId=13477142&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-13477142
> Use tokens regardless of authentication type
> --------------------------------------------
>
> Key: HADOOP-8779
> URL: https://issues.apache.org/jira/browse/HADOOP-8779
> Project: Hadoop Common
> Issue Type: New Feature
> Components: fs, security
> Affects Versions: 3.0.0, 2.0.2-alpha
> Reporter: Daryn Sharp
> Assignee: Daryn Sharp
>
> Security is a combination of authentication and authorization (tokens).
> Authorization may be granted independently of the authentication model.
> Tokens should be used regardless of simple or kerberos authentication.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
