Given that the token/ugi APIs are being used in other ecosystem components too (like Hive, HCatalog & Oozie), and in general, that security model will probably hold for other projects too, I think that its not an unfair expectation from Hadoop that it should maintain compatibility on UGI/Token* interfaces (*smile*).
On Mar 6, 2012, at 11:57 AM, Arun C Murthy wrote: > Andy - could you please start a discussion? > > We could, at the very least, mark UGI as LimitedPrivate for HBase and work > with you guys to maintain compatibility for the future. Makes sense? > > thanks, > Arun > > On Mar 6, 2012, at 10:21 AM, Andrew Purtell wrote: > >> After that, I believe we can merge the security sources in. However we may >> have an issue going forward because UGI is an unstable/private API. Needs >> sorting out with core at some point. >> >> Best regards, >> >> - Andy >> >> >> On Mar 6, 2012, at 9:55 AM, Stack <[email protected]> wrote: >> >>> On Tue, Mar 6, 2012 at 9:10 AM, Andrew Purtell <[email protected]> wrote: >>>> ...however we can't easily build a single artifact because the secure RPC >>>> engine, as it interacts with the Hadoop auth framework, must use >>>> UserGroupInformation. >>>> >>> >>> OK. So security story needs a bit of work. Sounds like we have >>> enough votes though to require hadoop 1.0.0 at least in 0.96. >>> >>> St.Ack > > -- > Arun C. Murthy > Hortonworks Inc. > http://hortonworks.com/ > >
