[ACCUMULO-1681] Adjust Authorizor Interface to validate auths instead of retrieving a list - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 1.6.0
Component/s: tserver
Labels:
None

Description

Currently the Authorizor interface is used to request a set of authorizations which then get checked against the authorizations a user is attempting to use. However, some security systems only support the ability to validate authorizations/permissions/roles and not provide a list. That makes these systems (entirely) incompatible with Accumulo when they don't have to be.

We should switch the behavior of Accumulo to ask the Authorizor (via SecurityOperations) if the auths are valid. The existing getAuths functionality will still use that call and would have potentially limited support, similar to the potentially limited support of any of the set operations.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

ACCUMULO-1681.patch
04/Sep/13 18:12
7 kB
John Vines
ACCUMULO-1681.v2.patch
06/Sep/13 21:11
16 kB
John Vines

Activity

People

Assignee:: John Vines

Reporter:: John Vines

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 03/Sep/13 22:02

Updated:: 28/Oct/13 23:16

Resolved:: 28/Oct/13 23:16