Hi Dilli, Thanks for reaching out to the Sentry dev list. Please see my comments inline below:
On Thu, Sep 12, 2013 at 11:09 AM, Dilli Arumugam <[email protected]>wrote: > Hi Team, > > Trying to understand Sentry architecture and layers hoping to adopt and > contribute to Sentry. > > Would appreciate any pointers and clarifications from the current > committers. > > May be I did not find the right documentation or not reading the > documentation and code right. > > Quickly browsed code checked out from > https://github.com/cloudera/access.git > to get some insight. > This was the old repository. The new repository is at https://git-wip-us.apache.org/repos/asf/incubator-sentry.git There is also a brief write-up on how to contribute to Sentry that you can find here: https://cwiki.apache.org/confluence/display/SENTRY/How+to+Contribute > > It appears that Sentry segregates concerns into different layers > > > sentry-core > > sentry-provider with sublayer sentry-provider-file > > sentry-bonding with sublayer sentry-binding-hive > > > That is nice. > > > But, code from sentry-core has classes and concepts such as Server, > Database, Table, View etc. > > This, in my opinion does not belong in sentry-core and belongs to > sentry-binding-hive. > > Would appreciate your comments and thoughts. > This is a good observation, and we are of the same opinion too. There is no one model yet for Sentry to implement and hence these concepts need to be factored out of the core module. We will be doing the refactoring for this soon to clean things up and make room for more security models to come in. > > > Was debating whether Sentry team evaluated Shiro as an authorization > framework. > > > Looked into sentry pom file and found that Sentry pulls in Shiro > dependency. > > > But, looking into Sentry code indicates Sentry is using only a few classes > from Shiro more like utility classes than using Shiro as authorization > framework. > > > Did Sentry team evaluate Shiro as authorization framework and then dropped > it to choose only some utility classes from Shiro? > > Would appreciate your comments and thoughts. > Yes we did evaluate Shiro to a certain extent early on but decided to continue without it. However, it is not a hard decision and once we have more development done, we can certainly take a closer look at bringing it in if necessary. Regards, Arvind Prabhakar > > Thanks > > Dilli > > -- > CONFIDENTIALITY NOTICE > NOTICE: This message is intended for the use of the individual or entity to > which it is addressed and may contain information that is confidential, > privileged and exempt from disclosure under applicable law. If the reader > of this message is not the intended recipient, you are hereby notified that > any printing, copying, dissemination, distribution, disclosure or > forwarding of this communication is strictly prohibited. If you have > received this communication in error, please contact the sender immediately > and delete it from your system. Thank You. >
