[
https://issues.apache.org/jira/browse/HBASE-5732?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13270791#comment-13270791
]
[email protected] commented on HBASE-5732:
------------------------------------------------------
bq. On 2012-05-02 23:02:22, Michael Stack wrote:
bq. >
I am not sure what step I missed the last time (when I answered your questions)
that reviewboard didn't publish the responses.. Trying again.
bq. On 2012-05-02 23:02:22, Michael Stack wrote:
bq. >
http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/security/AccessDeniedException.java,
line 1
bq. > <https://reviews.apache.org/r/4953/diff/1/?file=105842#file105842line1>
bq. >
bq. > This exception should be at top level in hbase?
bq.
bq. Michael Stack wrote:
bq. Did you address this in your subsequent patch?
I left it where it was originally. I think its fine as is..
bq. On 2012-05-02 23:02:22, Michael Stack wrote:
bq. > http://svn.apache.org/repos/asf/hbase/trunk/src/main/protobuf/RPC.proto,
line 50
bq. > <https://reviews.apache.org/r/4953/diff/1/?file=105864#file105864line50>
bq. >
bq. > So, if no user, its insecure hbase? Good.
bq. >
bq. > I don't see you regenerating pb stuff after making these changes in
this proto file.
bq.
bq. Michael Stack wrote:
bq. What about above?
On the first question, its to do with proxy users. Basically, 'proxy-user'
allows someone like the Oozie server to access HBase on behalf of some other
effective user. The HBase server could still keep track of who is the the real
user and who is the effective user. Documented here -
http://hadoop.apache.org/common/docs/current/Secure_Impersonation.html ). Again
this was already there in the original code. I made the realuser optional since
its not always going to be there.
There is actually - RPCProtos.java
bq. On 2012-05-02 23:02:22, Michael Stack wrote:
bq. >
http://svn.apache.org/repos/asf/hbase/trunk/src/test/resources/hbase-site.xml,
line 129
bq. > <https://reviews.apache.org/r/4953/diff/1/?file=105872#file105872line129>
bq. >
bq. > What is this? Mistake?
I merged in the stuff from hbase-site.xml from the security/src/test/resources
into the src/test/resources one since the security one would go away (yeah you
won't know about it unless you do a manual diff of the two hbase-site.xml
files).
bq. On 2012-05-02 23:02:22, Michael Stack wrote:
bq. >
http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/security/User.java,
line 19
bq. > <https://reviews.apache.org/r/4953/diff/1/?file=105846#file105846line19>
bq. >
bq. > This class should go up to the top level of hbase and not be hidden
down here in security now it is used by both secure and insecure hbase?
bq.
bq. Michael Stack wrote:
bq. Ditto
I'd like to leave it as is since the class aims to shim the security related
aspects of 'User' (Other than that it would save lots of lines in the patch if
the package name is kept intact).
- Devaraj
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/4953/#review7488
-----------------------------------------------------------
On 2012-05-08 07:45:11, Devaraj Das wrote:
bq.
bq. -----------------------------------------------------------
bq. This is an automatically generated e-mail. To reply, visit:
bq. https://reviews.apache.org/r/4953/
bq. -----------------------------------------------------------
bq.
bq. (Updated 2012-05-08 07:45:11)
bq.
bq.
bq. Review request for Ted Yu, Michael Stack and Andrew Purtell.
bq.
bq.
bq. Summary
bq. -------
bq.
bq. Reviewboard request for HBASE-5732
bq.
bq.
bq. This addresses bug HBASE-5732.
bq. https://issues.apache.org/jira/browse/HBASE-5732
bq.
bq.
bq. Diffs
bq. -----
bq.
bq. http://svn.apache.org/repos/asf/hbase/trunk/pom.xml 1335359
bq.
http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/client/AdminProtocol.java
1335359
bq.
http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/client/ClientProtocol.java
1335359
bq.
http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/ipc/ConnectionHeader.java
1335359
bq.
http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/ipc/HBaseClient.java
1335359
bq.
http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/ipc/HBaseServer.java
1335359
bq.
http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/ipc/RegionServerStatusProtocol.java
1335359
bq.
http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/ipc/WritableRpcEngine.java
1335359
bq.
http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/protobuf/generated/RPCProtos.java
1335359
bq.
http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/security/AccessDeniedException.java
PRE-CREATION
bq.
http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/security/HBasePolicyProvider.java
PRE-CREATION
bq.
http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/security/HBaseSaslRpcClient.java
PRE-CREATION
bq.
http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/security/HBaseSaslRpcServer.java
PRE-CREATION
bq.
http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/security/User.java
1335359
bq.
http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlFilter.java
PRE-CREATION
bq.
http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlLists.java
PRE-CREATION
bq.
http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java
PRE-CREATION
bq.
http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/security/access/AccessControllerProtocol.java
PRE-CREATION
bq.
http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/security/access/Permission.java
PRE-CREATION
bq.
http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/security/access/TableAuthManager.java
PRE-CREATION
bq.
http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/security/access/TablePermission.java
PRE-CREATION
bq.
http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/security/access/UserPermission.java
PRE-CREATION
bq.
http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/security/access/ZKPermissionWatcher.java
PRE-CREATION
bq.
http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationKey.java
PRE-CREATION
bq.
http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationProtocol.java
PRE-CREATION
bq.
http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationTokenIdentifier.java
PRE-CREATION
bq.
http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationTokenSecretManager.java
PRE-CREATION
bq.
http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationTokenSelector.java
PRE-CREATION
bq.
http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/security/token/TokenProvider.java
PRE-CREATION
bq.
http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/security/token/TokenUtil.java
PRE-CREATION
bq.
http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/security/token/ZKSecretWatcher.java
PRE-CREATION
bq. http://svn.apache.org/repos/asf/hbase/trunk/src/main/protobuf/RPC.proto
1335359
bq.
http://svn.apache.org/repos/asf/hbase/trunk/src/test/java/org/apache/hadoop/hbase/security/access/SecureTestUtil.java
PRE-CREATION
bq.
http://svn.apache.org/repos/asf/hbase/trunk/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessControlFilter.java
PRE-CREATION
bq.
http://svn.apache.org/repos/asf/hbase/trunk/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java
PRE-CREATION
bq.
http://svn.apache.org/repos/asf/hbase/trunk/src/test/java/org/apache/hadoop/hbase/security/access/TestTablePermissions.java
PRE-CREATION
bq.
http://svn.apache.org/repos/asf/hbase/trunk/src/test/java/org/apache/hadoop/hbase/security/access/TestZKPermissionsWatcher.java
PRE-CREATION
bq.
http://svn.apache.org/repos/asf/hbase/trunk/src/test/java/org/apache/hadoop/hbase/security/token/TestTokenAuthentication.java
PRE-CREATION
bq.
http://svn.apache.org/repos/asf/hbase/trunk/src/test/java/org/apache/hadoop/hbase/security/token/TestZKSecretWatcher.java
PRE-CREATION
bq.
http://svn.apache.org/repos/asf/hbase/trunk/src/test/resources/hbase-site.xml
1335359
bq.
bq. Diff: https://reviews.apache.org/r/4953/diff
bq.
bq.
bq. Testing
bq. -------
bq.
bq. All unit tests pass.
bq.
bq.
bq. Thanks,
bq.
bq. Devaraj
bq.
bq.
> Remove the SecureRPCEngine and merge the security-related logic in the core
> engine
> ----------------------------------------------------------------------------------
>
> Key: HBASE-5732
> URL: https://issues.apache.org/jira/browse/HBASE-5732
> Project: HBase
> Issue Type: Improvement
> Reporter: Devaraj Das
> Assignee: Devaraj Das
> Attachments: 5732-rpcengine-merge.7.patch, rpcengine-merge.3.patch,
> rpcengine-merge.4.patch, rpcengine-merge.patch
>
>
> Remove the SecureRPCEngine and merge the security-related logic in the core
> engine. Follow up to HBASE-5727.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
