[
https://issues.apache.org/jira/browse/HADOOP-8779?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13451135#comment-13451135
]
Aaron T. Myers commented on HADOOP-8779:
----------------------------------------
I think it's a bit of a misrepresentation to say that tokens are only used for
authorization. Yes, they also carry information that can be used to authorize
an otherwise authenticated client, but in some cases they are also used for
authentication itself, e.g. in the case of BlockTokens.
> Use tokens regardless of authentication type
> --------------------------------------------
>
> Key: HADOOP-8779
> URL: https://issues.apache.org/jira/browse/HADOOP-8779
> Project: Hadoop Common
> Issue Type: New Feature
> Components: fs, security
> Affects Versions: 3.0.0, 2.0.2-alpha
> Reporter: Daryn Sharp
> Assignee: Daryn Sharp
>
> Security is a combination of authentication and authorization (tokens).
> Authorization may be granted independently of the authentication model.
> Tokens should be used regardless of simple or kerberos authentication.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
