[ https://issues.apache.org/jira/browse/HADOOP-9813?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13735225#comment-13735225 ]
Sanjay Radia commented on HADOOP-9813: -------------------------------------- I don't get this one. Can you give use cases and examples of policies for authorization. bq. Take HDFS for example, when a user is trying to access a file or a folder, name node will call into this library and pass the resource identifier and the rights needed. Are you assuming that ALL hadoop resources have global resource identifiers? > Fine-grained authorization library for HAS > ------------------------------------------ > > Key: HADOOP-9813 > URL: https://issues.apache.org/jira/browse/HADOOP-9813 > Project: Hadoop Common > Issue Type: Task > Components: security > Affects Versions: 3.0.0 > Reporter: Jerry Chen > Labels: Rhino > > This is to define and provide authorization enforcement library for Hadoop > services. It provides the utilities to load and enforce security policies > through related services provided by the Authorization Service of HAS. Hadoop > components call these utilities to enforce the authorization policies. Take > HDFS for example, when a user is trying to access a file or a folder, name > node will call into this library and pass the resource identifier and the > rights needed. The scope of this is as follows: > * Define and implement authorization policy enforcement API to be utilized by > Hadoop services to enforce authorization policies. > * Define and implement authorization policy load and sync facilities. > * Define and implement authorization policy evaluation engine. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira