[
https://issues.apache.org/jira/browse/HADOOP-9813?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13735225#comment-13735225
]
Sanjay Radia commented on HADOOP-9813:
--------------------------------------
I don't get this one. Can you give use cases and examples of policies for
authorization.
bq. Take HDFS for example, when a user is trying to access a file or a folder,
name node will call into this library and pass the resource identifier and the
rights needed.
Are you assuming that ALL hadoop resources have global resource identifiers?
> Fine-grained authorization library for HAS
> ------------------------------------------
>
> Key: HADOOP-9813
> URL: https://issues.apache.org/jira/browse/HADOOP-9813
> Project: Hadoop Common
> Issue Type: Task
> Components: security
> Affects Versions: 3.0.0
> Reporter: Jerry Chen
> Labels: Rhino
>
> This is to define and provide authorization enforcement library for Hadoop
> services. It provides the utilities to load and enforce security policies
> through related services provided by the Authorization Service of HAS. Hadoop
> components call these utilities to enforce the authorization policies. Take
> HDFS for example, when a user is trying to access a file or a folder, name
> node will call into this library and pass the resource identifier and the
> rights needed. The scope of this is as follows:
> * Define and implement authorization policy enforcement API to be utilized by
> Hadoop services to enforce authorization policies.
> * Define and implement authorization policy load and sync facilities.
> * Define and implement authorization policy evaluation engine.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
