[jira] [Commented] (ACCUMULO-259) ZKAuthentictor needs to be split up

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[jira] [Commented] (ACCUMULO-259) ZKAuthentictor needs to be split up

JIRA jira@apache.org

    [ https://issues.apache.org/jira/browse/ACCUMULO-259?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13405321#comment-13405321 ]

John Vines commented on ACCUMULO-259:
-------------------------------------

I opened up a discussion on the dev mailing list regarding splitting the permissions to modify users authorizations from the permission to mess with a users security labels. I'm thinking we made need a third split of the security framework in case we want to differentiate data sources for the ACLs from the data source for a users Authorities. While I think that this will make it more complicated, I feel this is necessary because ACLs are distinctly different from Authorities. Thoughts?
               

> ZKAuthentictor needs to be split up
> -----------------------------------
>
>                 Key: ACCUMULO-259
>                 URL: https://issues.apache.org/jira/browse/ACCUMULO-259
>             Project: Accumulo
>          Issue Type: Improvement
>          Components: master, tserver
>            Reporter: John Vines
>            Assignee: John Vines
>             Fix For: 1.5.0
>
>
> Currently the ZKAuthenticator does both the checking of credentials as well as the functionality of the Authenticator. We need to split those into two different classes for improved testing as well as pluggability of the security scheme.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira