[
https://issues.apache.org/jira/browse/HADOOP-10959?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14379893#comment-14379893
]
Kai Zheng commented on HADOOP-10959:
------------------------------------
We're working on [Apache Kerby|https://github.com/apache/directory-kerby] and
the new mechanism {{TokenPreauth}} will be available in a month.
> A Kerberos based token authentication approach
> ----------------------------------------------
>
> Key: HADOOP-10959
> URL: https://issues.apache.org/jira/browse/HADOOP-10959
> Project: Hadoop Common
> Issue Type: New Feature
> Components: security
> Reporter: Kai Zheng
> Assignee: Kai Zheng
> Labels: Rhino
> Attachments: KerbToken-v2.pdf
>
>
> To implement and integrate pluggable authentication providers, enhance
> desirable single sign on for end users, and help enforce centralized access
> control on the platform, the community has widely discussed and concluded
> token based authentication could be the appropriate approach. TokenAuth
> (HADOOP-9392) was proposed and is under development to implement another
> Authentication Method in lieu with Simple and Kerberos. It is a big and long
> term effort to support TokenAuth across the entire ecosystem. We here propose
> a short term replacement based on Kerberos that can complement to TokenAuth.
> Our solution involves less codes changes with limited risk and the main
> development work has already been done in our POC. Users can use our solution
> as a short term solution to support token inside Hadoop.
> This effort and resultant solution will be fully described in the design
> document to be attached. And the brief introduction will be commented.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
