Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-9812

Authorization service for HAS

    XMLWordPrintableJSON

Details

    • Task
    • Status: Open
    • Major
    • Resolution: Unresolved
    • None
    • None
    • security

    Description

      This task defines and implements Authorization Server role for HAS. First, it provides the service level access token based authorization for HAS. It also provides fine-grained access control mechanisms for Hadoop to further enforce fine-grained access control for specific components, such as HDFS. This role along with related services can be configured into one HAS deployment. The scope of this task is highlighted as following:

      • Implement access token service defined in TokenAuth framework. The access token service provides service level authorization and grants access token according to the identity token and access permissions.
      • Define and implement authorization policy service in HAS for Hadoop services to retrieve and synchronize authorization policies.
      • Implement and provide authorization policy management, allowing admin to create and manage authorization policies to authorize system and resource accesses employing different authorization models with corresponding editors and tools;
      • Implement and provide authorization management facility, allowing admin to configure global settings and manage authorization policies across the system for the domain.

      Attachments

        Issue Links

          Activity

            People

              Unassigned Unassigned
              jerrychenhf Haifeng Chen
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated: