[
https://issues.apache.org/jira/browse/ACCUMULO-1681?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
John Vines updated ACCUMULO-1681:
---------------------------------
Attachment: ACCUMULO-1681.patch
The attached patch converts the interface to the improved mechanism. Since I
just made this ticket last night, I'm going to wait a few days before
committing it in case discussion is warranted.
> Adjust Authorizor Interface to validate auths instead of retrieving a list
> --------------------------------------------------------------------------
>
> Key: ACCUMULO-1681
> URL: https://issues.apache.org/jira/browse/ACCUMULO-1681
> Project: Accumulo
> Issue Type: Bug
> Components: tserver
> Reporter: John Vines
> Assignee: John Vines
> Fix For: 1.6.0
>
> Attachments: ACCUMULO-1681.patch
>
>
> Currently the Authorizor interface is used to request a set of authorizations
> which then get checked against the authorizations a user is attempting to
> use. However, some security systems only support the ability to validate
> authorizations/permissions/roles and not provide a list. That makes these
> systems (entirely) incompatible with Accumulo when they don't have to be.
> We should switch the behavior of Accumulo to ask the Authorizor (via
> SecurityOperations) if the auths are valid. The existing getAuths
> functionality will still use that call and would have potentially limited
> support, similar to the potentially limited support of any of the set
> operations.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
