[ https://issues.apache.org/jira/browse/HADOOP-1701?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Tsz Wo (Nicholas), SZE updated HADOOP-1701: ------------------------------------------- Attachment: 1701_20071109.patch > Provide a simple authentication service and a user management service > --------------------------------------------------------------------- > > Key: HADOOP-1701 > URL: https://issues.apache.org/jira/browse/HADOOP-1701 > Project: Hadoop > Issue Type: New Feature > Reporter: Tsz Wo (Nicholas), SZE > Assignee: Tsz Wo (Nicholas), SZE > Attachments: 1701_20071109.patch > > > In HADOOP-1298, we want to add user information and permission to the file > system. It requires an authentication service and a user management service. > We should provide a framework and a simple implementation in issue and > extend it later. As discussed in HADOOP-1298, the framework should be > extensible and pluggable. > - Extensible: possible to extend the framework to the other parts (e.g. > map-reduce) of Hadoop. > - Pluggable: can easily switch security implementations. Below is a diagram > borrowed from Java. > !http://java.sun.com/javase/6/docs/technotes/guides/security/overview/images/3.jpg! > - Implement a Hadoop authentication center (HAC). In the first step, the > mechanism of HAC is very simple, it keeps track a list of usernames (we only > support users, will work on other principals later) in HAC and verify > username in user login (yeah, no password). HAC can run inside NameNode or > run as a stand alone server. We will probably use Kerberos to provide more > sophisticated authentication service. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.