I think as a design exercise, if someone has that kind of bandwidth, this could be fun. We wouldn't want to duplicate the region level API at the regionserver level, that will make it interesting. However, like Gary said in his response, the reason it is not done so now for the AccessController is because much (most) context for making an access control decision is at the region level.
For TokenProvider, it could make sense to have only one per RS, however it is an Endpoint based service and currently only region coprocessors can be endpoints. Plumbing endpoint invocations to regionserver level observers and reimplementing TokenProvider as an endpoint service there sounds like a clean subset of the work to try out. On Wed, May 15, 2013 at 10:13 AM, Matteo Bertozzi <[email protected]>wrote: > Is there a reason to not have them as RegionServer coprocessors (loaded > only once per RS)? > -- Best regards, - Andy Problems worthy of attack prove their worth by hitting back. - Piet Hein (via Tom White)
