[HADOOP-8943] Support multiple group mapping providers - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 2.5.0
Component/s: security
Labels:
None

Target Version/s:

2.0.3-alpha
Hadoop Flags:

Reviewed
Tags:
Group Mapping

Description

Discussed with Natty about LdapGroupMapping, we need to improve it so that:
1. It's possible to do different group mapping for different users/principals. For example, AD user should go to LdapGroupMapping service for group, but service principals such as hdfs, mapred can still use the default one ShellBasedUnixGroupsMapping;

2. Multiple ADs can be supported to do LdapGroupMapping;

3. It's possible to configure what kind of users/principals (regarding domain/realm is an option) should use which group mapping service/mechanism.

4. It's possible to configure and combine multiple existing mapping providers without writing codes implementing new one.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

hadoop-8943-v4.patch
26/Jun/14 09:45
19 kB
Kai Zheng
hadoop-8943-v3.patch
24/Jun/14 10:50
19 kB
Kai Zheng
hadoop-8943-v2.patch
23/Jun/14 11:01
19 kB
Kai Zheng
HADOOP-8943.patch
15/Dec/12 10:06
27 kB
Kai Zheng
HADOOP-8943.patch
15/Dec/12 01:42
11 kB
Kai Zheng
HADOOP-8943.patch
14/Nov/12 00:02
27 kB
Kai Zheng

Issue Links

Dependent

HADOOP-12797 Write a better tutorial for LdapGroupsMapping and CompositeGroupsMapping

Resolved

is related to

HADOOP-4656 Add a user to groups mapping service

Closed

Activity

People

Assignee:: Kai Zheng

Reporter:: Kai Zheng

Votes:: 1 Vote for this issue

Watchers:: 17 Start watching this issue

Dates

Created:: 19/Oct/12 02:39

Updated:: 12/Feb/16 22:58

Resolved:: 26/Jun/14 19:21

Time Tracking

Estimated:

504h

Remaining:

504h

Logged:

Not Specified