[jira] [Commented] (TRAFODION-2059) Add support for Active Directory

Sun, 12 Jun 2016 13:31:06 -0700 

    [ 
https://issues.apache.org/jira/browse/TRAFODION-2059?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15326620#comment-15326620
 ] 

Roberta Marton commented on TRAFODION-2059:
-------------------------------------------

While testing Kerberos support for both Hortonworks and Cloudera distros, it
was noticed that they allow both MIT Kerberos and AD (active directory).
This JIRA was written so we don't forget to test AD.  I am hoping that this
is just a "testing" effort.  So this JIRA was added for completeness.

As far as your question "can we incorporate other solutions for
authentication and authorization?" is more complex. It is something I have
been thinking about and researching.   This might be a good topic to start a
"user" thread on.

Some things to keep in mind:

Trafodion runs on several different distributions (and in vanilla mode).
Trafodion needs a solution that works with all without supporting a lot of
specialized code. For example, Cloudera and Hortonworks look at security in
different ways which make it hard for a product like Trafodion to fit in
without writing specialized code.

The code that was donated for Trafodion already supports these features.
So, we need to redesign parts of our code to use potentially other  ASF
products.  This is not a bad thing and is probably going to be what happens.
For example, I have looked at Apache Shiro (a Java interface that connects
to existing authentication and authorization solutions) that we could
possible use to interface to other solutions.

Other authentication solutions are going to be required going forward.
Trafodion needs to be prepared to support them with little ease.

   Roberta



> Add support for Active Directory
> --------------------------------
>
>                 Key: TRAFODION-2059
>                 URL: https://issues.apache.org/jira/browse/TRAFODION-2059
>             Project: Apache Trafodion
>          Issue Type: New Feature
>          Components: sql-security
>            Reporter: Roberta Marton
>
> Today, we support only LDAP authentication.  However, both Hortonworks and 
> Cloudera support AD (active directory).  Our customers have also been asking 
> for this support. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to