[
https://issues.apache.org/jira/browse/ACCUMULO-996?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13566865#comment-13566865
]
Keith Turner commented on ACCUMULO-996:
---------------------------------------
bq. Another option is to leave the client api pre-259, and just make the server
side have the pluggability, so we don't end up changing the authentication
token types in quick succession. I spent the majority of my time on the server
end, and unfortunately it's showing in the code.
I still have not had a change to make a comprehensive review of this yet, its
on my todo list. But what types of configurations were you hoping to support?
Below are some possibilities. Do you feel the current API would support these?
* Kerberose + LDAP
* Username/pass + LDAP
* Username/pass + Zookeeper
* PKI + LDAP
I just opened ACCUMULO-1009. Are there standard ways for doing PKI
authentication other than SSL? If not then that may push PKI off til 1.6, but
we would still want to think through the API implications as much as possible
now. For example in the end we may want a connection factory that can produce
authenticated (and possibly encrypted) connections to ACCUMULO servers. Users
could supply this connection factory to Accumulo configured however they like.
> explore exposing accumulo token in proxy
> ----------------------------------------
>
> Key: ACCUMULO-996
> URL: https://issues.apache.org/jira/browse/ACCUMULO-996
> Project: Accumulo
> Issue Type: Sub-task
> Components: proxy
> Reporter: Keith Turner
> Assignee: Eric Newton
> Fix For: 1.5.0
>
>
> with the new security related changes for 1.5, do the new authentication
> mechanism need to be exposed in the proxy?
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
