Add authenticated TokenIdentifiers to UGI so that they can be used for
authorization
------------------------------------------------------------------------------------
Key: HADOOP-6581
URL: https://issues.apache.org/jira/browse/HADOOP-6581
Project: Hadoop Common
Issue Type: New Feature
Components: ipc, security
Reporter: Kan Zhang
Assignee: Kan Zhang
When token is used for authentication over RPC, information other than username
may be needed for access authorization. This information is typically specified
in TokenIdentifier. This is especially true for block tokens used for
client-to-datanode accesses, where authorization is based on access permissions
specified in TokenIdentifier, and not on username. Block tokens used to be
called access tokens and one can think of them as capability tokens. See
HADOOP-4359 for more info.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
