[
https://issues.apache.org/jira/browse/STORM-346?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14059194#comment-14059194
]
ASF GitHub Bot commented on STORM-346:
--------------------------------------
GitHub user Parth-Brahmbhatt opened a pull request:
https://github.com/apache/incubator-storm/pull/189
STORM-346: added AutoHDFS class that will get hdfs delegation tokens on
behalf of users, push it to workers and renew the delegation tokens
automatically.
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/Parth-Brahmbhatt/incubator-storm STORM-346
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/incubator-storm/pull/189.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #189
----
commit fe5f41aa8332700d3f98422cb7d986fc47289bcd
Author: Robert (Bobby) Evans <[email protected]>
Date: 2014-05-21T16:03:11Z
STORM-216: Added Authentication and Authorization.
This is an upmerged version of
https://github.com/yahoo/incubator-storm/tree/security
commit ce6e5d26384d7f5d831b35e4eff126fe214981d1
Author: Derek Dagit <[email protected]>
Date: 2014-05-22T18:34:23Z
rename test for consistent capitalization
commit 698bb9c9788b82d4127d861fb3ecf06a06b683c2
Author: Robert (Bobby) Evans <[email protected]>
Date: 2014-05-28T13:45:22Z
Merge branch 'master' into security
commit 6592b8209c49a98db15b3d6d228f488aa6c2e623
Author: Kishor Patil <[email protected]>
Date: 2014-06-09T15:42:39Z
Add missing ACLs to error znodes and remove auto vivification of error
znodes
commit cf2e8b7ee06b455a90bd4b3bfd53facef1369612
Author: Sriharsha Chintalapani <[email protected]>
Date: 2014-06-10T22:01:33Z
Storm 344. (Security) nimbus renew-credentials not calling
ICredentialsRenewer.renew
commit 0a98bee214b46ed20b566a9b49c3eca2895f9fd5
Author: Robert (Bobby) Evans <[email protected]>
Date: 2014-06-11T16:07:59Z
Merge branch 'master' into security-upmerge
Conflicts:
.gitignore
storm-core/src/clj/backtype/storm/daemon/drpc.clj
storm-core/src/clj/backtype/storm/daemon/executor.clj
storm-core/src/clj/backtype/storm/daemon/logviewer.clj
storm-core/src/clj/backtype/storm/daemon/worker.clj
storm-core/src/clj/backtype/storm/timer.clj
storm-core/src/clj/backtype/storm/ui/core.clj
storm-core/src/clj/backtype/storm/ui/helpers.clj
storm-core/src/clj/backtype/storm/util.clj
storm-core/src/jvm/backtype/storm/Config.java
storm-core/src/jvm/backtype/storm/utils/Utils.java
commit 118b9221b492ed8b91e6633c3cfb748bc1b82790
Author: Robert (Bobby) Evans <[email protected]>
Date: 2014-06-11T16:10:04Z
Merge branch 'master' into security
commit 2131a0aeb9074b2c83a09d7515ff8e8ae86f6eaf
Author: Robert (Bobby) Evans <[email protected]>
Date: 2014-06-12T15:58:13Z
Added back in the user to the web ui.
commit 41615b3c4b174077ac1c729af4aef32e5b79d3c5
Author: Robert (Bobby) Evans <[email protected]>
Date: 2014-06-12T15:59:46Z
Merge branch 'master' into security
commit bc91ed88d77e392f38c406d143e7ac37bc634564
Author: Robert (Bobby) Evans <[email protected]>
Date: 2014-06-12T16:01:35Z
Added license to UI template.
commit a762f1c5f99a7a9e77038399f0f14ae03b1414c7
Author: Robert (Bobby) Evans <[email protected]>
Date: 2014-06-12T17:48:51Z
Merge branch 'STORM-344' of https://github.com/harshach/incubator-storm
into STORM-344
STORM-344: (Security) nimbus renew-credentials not calling
ICredentialsRenewer.renew
commit 92e3a5742374a3a7c3aae20cbeda32ce7b033526
Author: Robert (Bobby) Evans <[email protected]>
Date: 2014-06-12T21:09:57Z
Merge branch 'master' into security-upmerge
Conflicts:
storm-core/src/clj/backtype/storm/LocalCluster.clj
storm-core/src/clj/backtype/storm/cluster.clj
storm-core/src/clj/backtype/storm/config.clj
storm-core/src/clj/backtype/storm/daemon/drpc.clj
storm-core/src/clj/backtype/storm/testing.clj
storm-core/src/clj/backtype/storm/testing4j.clj
storm-core/src/clj/backtype/storm/thrift.clj
storm-core/src/clj/backtype/storm/ui/core.clj
storm-core/src/clj/backtype/storm/util.clj
storm-core/src/clj/backtype/storm/zookeeper.clj
commit ab7784e49d251ca4da967c6ec6bc340cc7f940aa
Author: Kishor Patil <[email protected]>
Date: 2014-06-17T15:19:00Z
Force free a slot in bad-state
commit d1ba4fc4acdadd5e5e138395bdc5892dfdb88bff
Author: Derek Dagit <[email protected]>
Date: 2014-06-17T15:56:51Z
Do not clean up user file when rmr is unsuccessful
commit 87cdbf5fdf5bfb49b983604542283f05123d0d51
Author: Robert (Bobby) Evans <[email protected]>
Date: 2014-06-17T18:32:18Z
Merge branch 'STORM-357' of https://github.com/d2r/incubator-storm into
STORM-357
STORM-357: Cleans workers-users file only when rmr is successful
commit ea946d04dcb6df8e65dbf16500a361eaaba13432
Author: Kishor Patil <[email protected]>
Date: 2014-06-18T23:58:33Z
Show node details on errors for STORM-360 on security
commit 79089ad0da80e38eb36b7ea91be8b43795dc4efb
Author: Robert (Bobby) Evans <[email protected]>
Date: 2014-06-19T21:04:02Z
Merge tag 'v0.9.2-incubating' into security
[maven-release-plugin] copy for tag v0.9.2-incubating
Conflicts:
storm-core/pom.xml
commit f20df7d52d52abc9bc03a0cf45388241927cff5a
Author: Kishor Patil <[email protected]>
Date: 2014-06-20T20:35:16Z
Fixing coding style and component template
commit c545b9d638067c0ae4528e16f14e67c56e0dd47e
Author: Kishor Patil <[email protected]>
Date: 2014-06-20T23:01:00Z
Fix nimbus use of doto
commit d7c1d1d0a909079a370ed35aaac91668eef33a22
Author: Robert (Bobby) Evans <[email protected]>
Date: 2014-06-23T14:31:41Z
Merge branch 'node-on-error-security' of
https://github.com/kishorvpatil/incubator-storm into STORM-360-security
STORM-360: Add node details for Error Topology and Component pages on
security
commit 65aee65af54dd29434af8f5ee403233b597561b6
Author: Robert (Bobby) Evans <[email protected]>
Date: 2014-06-23T15:18:38Z
Merge branch 'master' into security
Conflicts:
storm-core/src/clj/backtype/storm/cluster.clj
storm-core/src/clj/backtype/storm/ui/core.clj
storm-core/test/clj/backtype/storm/cluster_test.clj
commit 28c168fd7d0272f88d586f6f572eab937b874f22
Author: Kishor Patil <[email protected]>
Date: 2014-06-24T19:12:56Z
Add check for empty table before sorting on security
commit 3c6930dfe4447b6077916b9f9a07b062141b5305
Author: Parth Brahmbhatt <[email protected]>
Date: 2014-07-07T18:36:49Z
AutoHDFS for getting HDFS delegation token and auto renew.
commit 00e80e9a132764d4b73737d2f7a52282e5247856
Author: Parth Brahmbhatt <[email protected]>
Date: 2014-07-07T18:43:59Z
Merge remote-tracking branch 'upstream/security' into security
commit e04c37356c96d9851c00542c739d053e4bf36481
Author: Parth Brahmbhatt <[email protected]>
Date: 2014-07-07T18:49:42Z
Revert "AutoHDFS for getting HDFS delegation token and auto renew."
This reverts commit 3c6930dfe4447b6077916b9f9a07b062141b5305.
commit 1094762bf9c3ae339500a3a4500d742367c33e63
Author: Parth Brahmbhatt <[email protected]>
Date: 2014-07-11T18:50:07Z
STORM-346: added AutoHDFS class that will get hdfs delegation tokens on
behalf of users, push it to workers and renew the delegation tokens
automatically.
----
> (Security) Oozie style delegation tokens for HDFS/HBase
> -------------------------------------------------------
>
> Key: STORM-346
> URL: https://issues.apache.org/jira/browse/STORM-346
> Project: Apache Storm (Incubating)
> Issue Type: Bug
> Reporter: Robert Joseph Evans
> Assignee: Parth Brahmbhatt
> Labels: security
>
> Oozie has the ability to fetch delegation tokens on behalf of other users by
> running as a super user that can become a proxy user for almost anyone else.
> We should build one or more classes similar to AutoTGT that can fetch a
> delegation token for HDFS/HBase, renew the token if needed, and then once the
> token is about to permanently expire fetch a new one.
> According to some people I have talked with HBase may need to have a JIRA
> filed against it so that it can pick up a new delegation token without
> needing to restart the process.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
