> On Feb. 5, 2015, 12:18 a.m., Abraham Elmahrek wrote: > > security/src/main/java/org/apache/sqoop/security/Authorization/DefaultAuthenticationProvider.java, > > line 27 > > <https://reviews.apache.org/r/30550/diff/2/?file=845234#file845234line27> > > > > Why not use RequestContext to pass user and group information around? A > > global instance seems like it would be prone to concurrency issues. Though, > > I think this implementation works. > > > > Check out RequestContext for an existing implementation. Would it not > > be enough? > > richard zhou wrote: > We could use RequestContext, but it is not so general. You know, Sentry > or other Authorization implement do not need to know the Context in Sqoop. > What they need is a general Authenticator, which could get the user name and > group name, and that's all. The RequestConext has a huge scope of URL request > information, which should not be exposed to 3rd part code. > It is implemented similar with Hive.
https://github.com/apache/hive/blob/trunk/ql/src/java/org/apache/hadoop/hive/ql/security/HiveAuthenticationProvider.java - richard ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/30550/#review71093 ----------------------------------------------------------- On Feb. 3, 2015, 8:18 a.m., richard zhou wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/30550/ > ----------------------------------------------------------- > > (Updated Feb. 3, 2015, 8:18 a.m.) > > > Review request for Sqoop. > > > Repository: sqoop-sqoop2 > > > Description > ------- > > SQOOP2: Integration with Sentry > Add a authentication provider to get do_user's name and group. > > > Diffs > ----- > > core/src/main/java/org/apache/sqoop/security/AuthenticationHandler.java > 6fb6d1dabcce7b81000a89cf6cadbf717fe8dd38 > core/src/main/java/org/apache/sqoop/security/AuthenticationProvider.java > PRE-CREATION > core/src/main/java/org/apache/sqoop/security/AuthorizationHandler.java > 51fc2dc1349cd75cf6f16b65e882e44d516430a7 > core/src/main/java/org/apache/sqoop/security/AuthorizationManager.java > cfa7a668a715bfb2212a8ddf857ff721bbd562b4 > core/src/main/java/org/apache/sqoop/security/SecurityConstants.java > 3db8f43e1080ba6911e66a7e9e5058331422acc0 > core/src/main/java/org/apache/sqoop/security/SecurityError.java > c68b666c83212d91e183d8041e694629a62b7224 > core/src/main/java/org/apache/sqoop/security/SecurityFactory.java > b4274108fafdcbb0ce5d73ee349211c6cfdba277 > dist/src/main/server/conf/sqoop.properties > fbcb1fa6bd526d87ef0c87d634dda2ea4ceac214 > > security/src/main/java/org/apache/sqoop/security/Authorization/DefaultAuthenticationProvider.java > PRE-CREATION > > security/src/main/java/org/apache/sqoop/security/Authorization/DefaultAuthorizationHandler.java > 9cd2e3385729f65aa819fa4f31a23c6958c09ac0 > > Diff: https://reviews.apache.org/r/30550/diff/ > > > Testing > ------- > > local > > > Thanks, > > richard zhou > >
