[
https://issues.apache.org/jira/browse/HADOOP-5851?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12723363#action_12723363
]
Philip Zeyliger commented on HADOOP-5851:
-----------------------------------------
I'm traveling overseas and will return on June 29th. For urgent
matters, please contact Amr Awadallah.
> proxy to call LDAP for IP lookup and get user ID and directories, validate
> requested URL
> ----------------------------------------------------------------------------------------
>
> Key: HADOOP-5851
> URL: https://issues.apache.org/jira/browse/HADOOP-5851
> Project: Hadoop Common
> Issue Type: New Feature
> Components: contrib/hdfsproxy
> Reporter: zhiyong zhang
> Assignee: zhiyong zhang
> Priority: Critical
> Attachments: HADOOP-5851.patch, HADOOP-5851.patch, HADOOP-5851.patch,
> HADOOP-5851.patch
>
>
> It is easy to manage user accounts using LDAP. by adding support for LDAP,
> proxy can do IP authorization in a headless fashion.
> when a user send a request, proxy extract IP address and request PathInfo
> from the request. then it searches the LDAP server to get the allowed HDFS
> root paths given the IP address. Proxy will match the user request PathInfo
> with the allowed HDFS root path, return 403 if it could not find a match.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
