[ https://issues.apache.org/jira/browse/HADOOP-12203?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15018940#comment-15018940 ]
Arpit Agarwal commented on HADOOP-12203: ---------------------------------------- Hi [~benoyantony], thanks for this refactoring. It will be good to have uniform authorization. +1 with a few nitpicks: # AuthorizationManagerHelper#SERVICE_AUTHORIZATION_CONFIG - unused field? # AuthorizationManagerHelper Constructor - comment _Flip to the newly parsed permissions_ looks out of place. Since the flip occurs when the helper object is replaced by the caller. Perhaps move the comment to {{DefaultAuthorizationManager#refreshWithLoadedConfiguration}}. # Any updates required to the _Service Level Authorization Guide_? I assume you have tested these changes at eBay deployments. [~wheat9], do you have any comments before I commit? > Refactor Service Authorization Framework > ---------------------------------------- > > Key: HADOOP-12203 > URL: https://issues.apache.org/jira/browse/HADOOP-12203 > Project: Hadoop Common > Issue Type: Sub-task > Components: security > Reporter: Benoy Antony > Assignee: Benoy Antony > Attachments: HADOOP-12203-001.patch, HADOOP-12203-002.patch > > > Refactor Service Authorization Framework so that same framework can be used > to authenticate requests for RPC and web resources. > The _ServiceAuthorizationManager_ uses a Class object to identify the RPC > protocol that the user is trying to access. While this works for an RPC > protocol, it will not work in general. -- This message was sent by Atlassian JIRA (v6.3.4#6332)