[
https://issues.apache.org/jira/browse/HADOOP-12203?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15018940#comment-15018940
]
Arpit Agarwal commented on HADOOP-12203:
----------------------------------------
Hi [~benoyantony], thanks for this refactoring. It will be good to have uniform
authorization.
+1 with a few nitpicks:
# AuthorizationManagerHelper#SERVICE_AUTHORIZATION_CONFIG - unused field?
# AuthorizationManagerHelper Constructor - comment _Flip to the newly parsed
permissions_ looks out of place. Since the flip occurs when the helper object
is replaced by the caller. Perhaps move the comment to
{{DefaultAuthorizationManager#refreshWithLoadedConfiguration}}.
# Any updates required to the _Service Level Authorization Guide_?
I assume you have tested these changes at eBay deployments. [~wheat9], do you
have any comments before I commit?
> Refactor Service Authorization Framework
> ----------------------------------------
>
> Key: HADOOP-12203
> URL: https://issues.apache.org/jira/browse/HADOOP-12203
> Project: Hadoop Common
> Issue Type: Sub-task
> Components: security
> Reporter: Benoy Antony
> Assignee: Benoy Antony
> Attachments: HADOOP-12203-001.patch, HADOOP-12203-002.patch
>
>
> Refactor Service Authorization Framework so that same framework can be used
> to authenticate requests for RPC and web resources.
> The _ServiceAuthorizationManager_ uses a Class object to identify the RPC
> protocol that the user is trying to access. While this works for an RPC
> protocol, it will not work in general.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
