[
https://issues.apache.org/jira/browse/SENTRY-2367?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16594203#comment-16594203
]
Steve Moist commented on SENTRY-2367:
-------------------------------------
I wouldn't want a dependency on Keycloak for something like this. It seems
unnecessary, besides if our SPI definitions grow over time they may not match
the Keycloaks. I would revise the @author comment to mention where it came
from rather than directly give them credit for it. IANAL but I think that would
make sense.
The Hadoop KMS uses SPI to load custom key managers in. I don't see an issue
with this. Users with security requirements should be locking down their
deployments from putting in rogue jars and controlling access from a OS level.
Otherwise their systems are not secure.
> Implement subsystem to allow for pluggable attribute providers and transports
> -----------------------------------------------------------------------------
>
> Key: SENTRY-2367
> URL: https://issues.apache.org/jira/browse/SENTRY-2367
> Project: Sentry
> Issue Type: Sub-task
> Components: Core
> Affects Versions: 2.0.1
> Reporter: Brian Towles
> Assignee: Brian Towles
> Priority: Major
> Fix For: 2.1.0
>
> Attachments: SENTRY-2367.001.patch, SENTRY-2367.002.patch
>
>
> Implement a subsystem for Sentry to for the pluggable loading of attribute
> providers and transports. This will be done with the Java SPI interface and
> mechanisms.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
