HI Arvind, Thanks for the clarifications and the pointer to new repo. Would check out the new repo. Regards Dilli
On Mon, Sep 16, 2013 at 11:46 AM, Arvind Prabhakar <[email protected]>wrote: > Hi Dilli, > > Thanks for reaching out to the Sentry dev list. Please see my comments > inline below: > > On Thu, Sep 12, 2013 at 11:09 AM, Dilli Arumugam < > [email protected]> wrote: > >> Hi Team, >> >> Trying to understand Sentry architecture and layers hoping to adopt and >> contribute to Sentry. >> >> Would appreciate any pointers and clarifications from the current >> committers. >> >> May be I did not find the right documentation or not reading the >> documentation and code right. >> >> Quickly browsed code checked out from >> https://github.com/cloudera/access.git >> to get some insight. >> > > This was the old repository. The new repository is at > https://git-wip-us.apache.org/repos/asf/incubator-sentry.git > > There is also a brief write-up on how to contribute to Sentry that you can > find here: > https://cwiki.apache.org/confluence/display/SENTRY/How+to+Contribute > > > >> >> It appears that Sentry segregates concerns into different layers >> >> >> sentry-core >> >> sentry-provider with sublayer sentry-provider-file >> >> sentry-bonding with sublayer sentry-binding-hive >> >> >> That is nice. >> >> >> But, code from sentry-core has classes and concepts such as Server, >> Database, Table, View etc. >> >> This, in my opinion does not belong in sentry-core and belongs to >> sentry-binding-hive. >> >> Would appreciate your comments and thoughts. >> > > This is a good observation, and we are of the same opinion too. There is > no one model yet for Sentry to implement and hence these concepts need to > be factored out of the core module. We will be doing the refactoring for > this soon to clean things up and make room for more security models to come > in. > > > >> >> >> Was debating whether Sentry team evaluated Shiro as an authorization >> framework. >> >> >> Looked into sentry pom file and found that Sentry pulls in Shiro >> dependency. >> >> >> But, looking into Sentry code indicates Sentry is using only a few classes >> from Shiro more like utility classes than using Shiro as authorization >> framework. >> >> >> Did Sentry team evaluate Shiro as authorization framework and then dropped >> it to choose only some utility classes from Shiro? >> >> Would appreciate your comments and thoughts. >> > > Yes we did evaluate Shiro to a certain extent early on but decided to > continue without it. However, it is not a hard decision and once we have > more development done, we can certainly take a closer look at bringing it > in if necessary. > > Regards, > Arvind Prabhakar > > >> >> Thanks >> >> Dilli >> >> -- >> CONFIDENTIALITY NOTICE >> NOTICE: This message is intended for the use of the individual or entity >> to >> which it is addressed and may contain information that is confidential, >> privileged and exempt from disclosure under applicable law. If the reader >> of this message is not the intended recipient, you are hereby notified >> that >> any printing, copying, dissemination, distribution, disclosure or >> forwarding of this communication is strictly prohibited. If you have >> received this communication in error, please contact the sender >> immediately >> and delete it from your system. Thank You. >> > > -- CONFIDENTIALITY NOTICE NOTICE: This message is intended for the use of the individual or entity to which it is addressed and may contain information that is confidential, privileged and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are hereby notified that any printing, copying, dissemination, distribution, disclosure or forwarding of this communication is strictly prohibited. If you have received this communication in error, please contact the sender immediately and delete it from your system. Thank You.
