[
https://issues.apache.org/jira/browse/HADOOP-6581?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jitendra Nath Pandey updated HADOOP-6581:
-----------------------------------------
Status: Open (was: Patch Available)
> Add authenticated TokenIdentifiers to UGI so that they can be used for
> authorization
> ------------------------------------------------------------------------------------
>
> Key: HADOOP-6581
> URL: https://issues.apache.org/jira/browse/HADOOP-6581
> Project: Hadoop Common
> Issue Type: New Feature
> Components: ipc, security
> Reporter: Kan Zhang
> Assignee: Kan Zhang
> Attachments: c6581-10.patch, c6581-12.patch, c6581-13.patch,
> c6581-14.patch, c6581-15.patch
>
>
> When token is used for authentication over RPC, information other than
> username may be needed for access authorization. This information is
> typically specified in TokenIdentifier. This is especially true for block
> tokens used for client-to-datanode accesses, where authorization is based on
> access permissions specified in TokenIdentifier, and not on username. Block
> tokens used to be called access tokens and one can think of them as
> capability tokens. See HADOOP-4359 for more info.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
