[jira] Commented: (HADOOP-1298) adding user info to file

Tue, 18 Sep 2007 10:47:05 -0700 

    [ 
https://issues.apache.org/jira/browse/HADOOP-1298?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12528466
 ] 

Raghu Angadi commented on HADOOP-1298:
--------------------------------------


bq. Mostly what I meant to say is that folks are used to having a user database 
and authentication system bundled with their filesystem, and that the Apache 
Directory Server may be a way for us to ship a secure, standards-compliant, 
platform-independent user database and authentication system with Hadoop.

We are certainly looking for such an implementation for better idea on what we 
are doing.

bq. If we have to make an authentication call for each RPC we're dead in the 
water. But hopefully, with caching, authentication traffic can be made moderate 
even on large clusters, and, who knows, it might be feasable to include it in 
the namenode.

>From my initial reading of Kerberos, for each RPC (later this may change to 
>for each connection), Namenode wants to know who the user is, for this, all it 
>does is decrypting some authentication data and does not involve extra network 
>traffic as such. In that sense, authentication is mostly CPU overhead (which 
>might still be pretty substantial).

> adding user info to file
> ------------------------
>
>                 Key: HADOOP-1298
>                 URL: https://issues.apache.org/jira/browse/HADOOP-1298
>             Project: Hadoop
>          Issue Type: New Feature
>          Components: dfs, fs
>            Reporter: Kurtis Heimerl
>            Assignee: Christophe Taton
>             Fix For: 0.15.0
>
>         Attachments: 1298_2007-09-06b.patch, 1298_2007-09-07g.patch, 
> hadoop-user-munncha.patch17
>
>
> I'm working on adding a permissions model to hadoop's DFS. The first step is 
> this change, which associates user info with files. Following this I'll 
> assoicate permissions info, then block methods based on that user info, then 
> authorization of the user info. 
> So, right now i've implemented adding user info to files. I'm looking for 
> feedback before I clean this up and make it offical. 
> I wasn't sure what release, i'm working off trunk. 

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to