[
https://issues.apache.org/jira/browse/HADOOP-6581?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12869395#action_12869395
]
Jitendra Nath Pandey commented on HADOOP-6581:
----------------------------------------------
TestAvroRpc fails with avro-1.3.1 even without this patch.
> Add authenticated TokenIdentifiers to UGI so that they can be used for
> authorization
> ------------------------------------------------------------------------------------
>
> Key: HADOOP-6581
> URL: https://issues.apache.org/jira/browse/HADOOP-6581
> Project: Hadoop Common
> Issue Type: New Feature
> Components: ipc, security
> Reporter: Kan Zhang
> Assignee: Kan Zhang
> Attachments: c6581-10.patch, c6581-12.patch, c6581-13.patch,
> c6581-14.patch, c6581-15.patch, c6581-16.patch, c6581-17.patch
>
>
> When token is used for authentication over RPC, information other than
> username may be needed for access authorization. This information is
> typically specified in TokenIdentifier. This is especially true for block
> tokens used for client-to-datanode accesses, where authorization is based on
> access permissions specified in TokenIdentifier, and not on username. Block
> tokens used to be called access tokens and one can think of them as
> capability tokens. See HADOOP-4359 for more info.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
