[jira] [Commented] (ACCUMULO-1028) Distinguish the user principal from the authentication token

Mon, 04 Feb 2013 10:16:13 -0800 

    [ 
https://issues.apache.org/jira/browse/ACCUMULO-1028?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13570466#comment-13570466
 ] 

John Vines commented on ACCUMULO-1028:
--------------------------------------

I am an advocate of the generic INVALID_TOKEN. Having the Authenticator attempt 
to treat the byte blob as a serialized token that it's expected and throwing 
INVALID_TOKEN if it cannot deserialize it is the way I think it should be 
handled. This is how Kerberos works as well- if it can decrypt the blob, 
hooray, otherwise failure.

Additionally, by putting in this type of serialization has a security flaw that 
Eric pointed out. It allows a user who has the ability to write to the 
reloadable class directory to execute arbitrary code. Currently this is not 
possible unless that user ALSO has login credentials to the Accumulo instance.
                
> Distinguish the user principal from the authentication token
> ------------------------------------------------------------
>
>                 Key: ACCUMULO-1028
>                 URL: https://issues.apache.org/jira/browse/ACCUMULO-1028
>             Project: Accumulo
>          Issue Type: Sub-task
>          Components: master, tserver
>            Reporter: Christopher Tubbs
>            Assignee: John Vines
>             Fix For: 1.5.0
>
>
> The user principal is something that uniquely identifies a user. An 
> authentication token is the item that authenticates the user principal, may 
> be temporal, and may vary. It is not clear from the implementation of 
> ACCUMULO-259 that these are separate things, and I think it would benefit the 
> API to distinguish them.
> It could also simplify the API, for users transitioning from the old 
> authentication stuff to the new authentication stuff, because there would be 
> a one-to-one mapping with the username/password with which they are familiar:
> {code:java}
> public Connector getConnector(String username, byte[] password);
> {code}
> becomes
> {code:java}
> public <T extends AuthToken> Connector getConnector(Principal userPrincipal, 
> T authToken);
> {code}

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to