Description
This is to define and provide authorization enforcement library for Hadoop services. It provides the utilities to load and enforce security policies through related services provided by the Authorization Service of HAS. Hadoop components call these utilities to enforce the authorization policies. Take HDFS for example, when a user is trying to access a file or a folder, name node will call into this library and pass the resource identifier and the rights needed. The scope of this is as follows:
- Define and implement authorization policy enforcement API to be utilized by Hadoop services to enforce authorization policies.
- Define and implement authorization policy load and sync facilities.
- Define and implement authorization policy evaluation engine.
Attachments
Issue Links
- Is contained by
-
HADOOP-9798 TokenAuth Implementation - HAS
-
- Open
-