[
https://issues.apache.org/jira/browse/HADOOP-9836?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Yi Liu updated HADOOP-9836:
---------------------------
Status: Patch Available (was: Open)
Update the patch.
This patch includes interfaces of Token, IdentityToken and AccessToken.
Developers can extend these interfaces to do customization. Token is issued to
user by service and will be used in the users’ following requests.
In general, a token contains subject, timestamps, audiences, attributes and so
on, and this patch also includes the definition of these items. A token should
be able to be signed and encrypted, and admin can renew or cancel the token.
This patch define “SecurityManager” and “TokenRenewer” interfaces which should
be implemented for specific token.
> Token definition and API
> ------------------------
>
> Key: HADOOP-9836
> URL: https://issues.apache.org/jira/browse/HADOOP-9836
> Project: Hadoop Common
> Issue Type: Sub-task
> Components: security
> Affects Versions: 3.0.0
> Reporter: Yi Liu
> Labels: Rhino
> Attachments: HADOOP-9836.patch, HADOOP-9836.patch
>
>
> We need to define common token attributes and APIs for TokenAuth framework
> which makes the arbitrary token format can be adopted into the framework.
> This JIRA is a sub-task of TokenAuth framework. Common token properties, APIs
> and facilities that identity/access token requires will be defined. In this
> JIRA, we'll:
> • Define Token generation API, includes Token
> serialization/deserialization, Token encryption/sign and Token
> revoke/expire/renew.
> • Define Token validation API, includes Token decryption/verify and Token
> check(timestamp, audience, etc)
> • Define Token Attribute API, includes attributes setting, query and so
> on.
> • Define required attributes and optional attributes for identity token
> and access token.
> • Implement Token Utilities, such as print/debug.
--
This message was sent by Atlassian JIRA
(v6.1#6144)
