[
https://issues.apache.org/jira/browse/ACCUMULO-996?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13564625#comment-13564625
]
Keith Turner commented on ACCUMULO-996:
---------------------------------------
bq. This will work for the tokens we provide, but not for any developer-user
generated tokens. However, it's better than nothing.
Could possibly do something like the following to make it more extensible. The
user could then plug things into the proxy to handle arbitrary authentication.
{code}
//authClass : a java class to use in the proxy for authentication
ProxyToken authenticate(String authClass, binary authdata);
{code}
But this is probably not general enough. PKI authentication will not be a one
shot rpc, it will be series of challenges and responses. So its probably not
worth generalizing at this point. Just create specialized authentication
methods for now.
Also I am thinking that ProxyToken should contain a byte array instead of a
long. This way it can be contain different data for different authentication
methods.
> explore exposing accumulo token in proxy
> ----------------------------------------
>
> Key: ACCUMULO-996
> URL: https://issues.apache.org/jira/browse/ACCUMULO-996
> Project: Accumulo
> Issue Type: Sub-task
> Components: proxy
> Reporter: Keith Turner
> Assignee: Eric Newton
> Fix For: 1.5.0
>
>
> with the new security related changes for 1.5, do the new authentication
> mechanism need to be exposed in the proxy?
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
