Madhan Neethiraj created RANGER-5309:
----------------------------------------
Summary: module: authz-api
Key: RANGER-5309
URL: https://issues.apache.org/jira/browse/RANGER-5309
Project: Ranger
Issue Type: Sub-task
Components: pdp
Reporter: Madhan Neethiraj
Assignee: Madhan Neethiraj
Define remotable authorization API in a module. This API will be used by
applications to authorize access to their resources using Ranger policies.
There will be two implementations of this API:
# Embedded authorizer: Ranger policy engine will be running in the same
process space as the application calling authorization API. This implementation
is suitable for:
** services developed in Java
** long running services i.e., services that incurr the cost of policy engine
initialization once
** require fastest response, since policy-evaluations are performed in-process
# Remote authorizer: Ranger policy engine will be running in a remote process,
Ranger policy-decision-point (PDP) server. Authorizer implementation makes REST
API call Ranger PDP server to evaluate the authorization request, and return
the response to the caller.
** This implementation is suitable for applications not written in Java.
Initially implementation will be provided in Java and Python languages. Support
for other languages can be added as needed
** services that live only for a short time, elmilnate the cost of policy
engine initialzation
** services that are not very sensitive to time taken to authorize access.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
