[
https://issues.apache.org/jira/browse/RANGER-4165?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ramesh Mani updated RANGER-4165:
--------------------------------
Description:
Support SELF_OR_PREFIX resource matching scope in Ranger Authorization
This is need to create an api which can find whether a user/group is authorized
to the given operation on any resource of give type.
This is needed to implement a Ranger Kafka authorizer API which checks if the
caller is authorized to perform the given ACL operation on at least one
resource of the given type.
[https://kafka.apache.org/28/javadoc/org/apache/kafka/server/authorizer/Authorizer.html#authorizeByResourceType(org.apache.kafka.server.authorizer.AuthorizableRequestContext,org.apache.kafka.common.acl.AclOperation,org.apache.kafka.common.resource.ResourceType])
was:
API to find whether a user/group is authorized to the given operation on any
resource of give type.
This is needed to implement a Ranger Kafka authorizer API which checks if the
caller is authorized to perform the given ACL operation on at least one
resource of the given type.
[https://kafka.apache.org/28/javadoc/org/apache/kafka/server/authorizer/Authorizer.html#authorizeByResourceType(org.apache.kafka.server.authorizer.AuthorizableRequestContext,org.apache.kafka.common.acl.AclOperation,org.apache.kafka.common.resource.ResourceType])
> Support SELF_OR_PREFIX resource matching scope in Ranger Authorization
> -----------------------------------------------------------------------
>
> Key: RANGER-4165
> URL: https://issues.apache.org/jira/browse/RANGER-4165
> Project: Ranger
> Issue Type: Improvement
> Components: Ranger
> Affects Versions: 3.0.0
> Reporter: Ramesh Mani
> Assignee: Ramesh Mani
> Priority: Major
>
> Support SELF_OR_PREFIX resource matching scope in Ranger Authorization
> This is need to create an api which can find whether a user/group is
> authorized to the given operation on any resource of give type.
> This is needed to implement a Ranger Kafka authorizer API which checks if the
> caller is authorized to perform the given ACL operation on at least one
> resource of the given type.
> [https://kafka.apache.org/28/javadoc/org/apache/kafka/server/authorizer/Authorizer.html#authorizeByResourceType(org.apache.kafka.server.authorizer.AuthorizableRequestContext,org.apache.kafka.common.acl.AclOperation,org.apache.kafka.common.resource.ResourceType])
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
