[
https://issues.apache.org/jira/browse/HADOOP-4656?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12784586#action_12784586
]
Jakob Homan commented on HADOOP-4656:
-------------------------------------
Reviewed patch:
* Nit: Calling an abstract class GroupMappingImpl seems a bit odd, even if it
is technically correct for this. Service provider, maybe?
* In Groups.java the previous timer-based code is still present, but commented
out. Needs removed.
* Note: HADOOP-6299, if added as-is from the draft posted, will introduce code
duplication in terms of executing the shell. When that code is reviewed, we
should try to eliminate that.
* In the unit test, principal is spelled as principle.
* In the second-to-last line of the unit test, there is a spelling error of
subject.
* The provided unit test is very happy pathy. It'd be great if there were more
testing of failures. Gary suggested testing what happens if we pass a user name
that doesn't exist.
> Add a user to groups mapping service
> -------------------------------------
>
> Key: HADOOP-4656
> URL: https://issues.apache.org/jira/browse/HADOOP-4656
> Project: Hadoop Common
> Issue Type: Improvement
> Components: security
> Affects Versions: 0.19.0
> Reporter: Arun C Murthy
> Assignee: Boris Shkolnik
> Attachments: HADOOP-4656-1.patch, HADOOP-4656-2.patch,
> HADOOP-4656.patch, HADOOP-4656_0_20090108.patch
>
>
> Currently the IPC client sends the UGI which contains the user/group
> information for the Server. However this represents the groups for the user
> on the client-end. The more pertinent mapping from user to groups is actually
> the one seen by the Server. Hence the client should only send the user and we
> should add a 'group mapping service' so that the Server can query it for the
> mapping.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
