[
https://issues.apache.org/jira/browse/RANGER-612?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14695965#comment-14695965
]
Madhan Neethiraj commented on RANGER-612:
-----------------------------------------
[~bosco] Only when Ranger policies are unable to determine the authorization
(either allow or deny) i.e. no Ranger policy exists for the access request,
HDFS ACLs would be used to determine the authorization.
> Update HDFS plugin to fallback to hadoop-acl only when there is no Ranger
> policy to determine the authorization
> ---------------------------------------------------------------------------------------------------------------
>
> Key: RANGER-612
> URL: https://issues.apache.org/jira/browse/RANGER-612
> Project: Ranger
> Issue Type: Sub-task
> Components: plugins
> Affects Versions: 0.5.0
> Reporter: Madhan Neethiraj
> Assignee: Madhan Neethiraj
> Fix For: 0.5.0
>
>
> Currently (ranger-0.5), Ranger HDFS plugin does a fallback to hadoop-acl when
> Ranger policies do not allow the requested access. This should be updated to
> fallback only when Ranger policies do not determine the authorization i.e.
> there is no Ranger policy to either ALLOW or DENY the access. This fix is
> required to support scenarios where Ranger policies can DENY the access.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
