[
https://issues.apache.org/jira/browse/HBASE-10918?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13974869#comment-13974869
]
Andrew Purtell edited comment on HBASE-10918 at 4/19/14 2:04 PM:
-----------------------------------------------------------------
Set up the effective authorization set for the user as the maximal set of auths
defined for the user by the 'setauths' command.
As a stacked SLG we will assume we are at the bottom of the stack. Therefore we
should also WARN if we find any auths passed in to us from the RPC context and
drop them.
Consider extending the 'setauths' command and its server side support for
defining auths for groups using @group notation. The effective authorization
set for a user would then be the union of user auths and auths for each group.
was (Author: apurtell):
Set up the effective authorization set for the user as the maximal set of auths
defined for the user by the 'setauths' command.
As a stacked SLG we will assume we are at the bottom of the stack. Therefore we
should also WARN if we find any auths passed in to us from the RPC context and
drop them.
Consider extending the 'setauths' command and its server side support for
defining auths for groups using @group notation.
> [VisibilityController] System table backed ScanLabelGenerator
> --------------------------------------------------------------
>
> Key: HBASE-10918
> URL: https://issues.apache.org/jira/browse/HBASE-10918
> Project: HBase
> Issue Type: Sub-task
> Reporter: Andrew Purtell
> Priority: Critical
> Fix For: 0.99.0, 0.98.2
>
>
> A ScanLabelGenerator that retrieves a static set of authorizations for a user
> or group from a new HBase system table, and insures these auths are part of
> the effective set.
> Useful for forcing a baseline set of auths for a user.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
