Jerry Chen created HADOOP-9812:
----------------------------------
Summary: Authorization service for HAS
Key: HADOOP-9812
URL: https://issues.apache.org/jira/browse/HADOOP-9812
Project: Hadoop Common
Issue Type: Task
Components: security
Reporter: Jerry Chen
This task defines and implements Authorization Server role for HAS. First, it
provides the service level access token based authorization for HAS. It also
provides fine-grained access control mechanisms for Hadoop to further enforce
fine-grained access control for specific components, such as HDFS. This role
along with related services can be configured into one HAS deployment. The
scope of this task is highlighted as following:
* Implement access token service defined in TokenAuth framework. The access
token service provides service level authorization and grants access token
according to the identity token and access permissions.
* Define and implement authorization policy service in HAS for Hadoop
services to retrieve and synchronize authorization policies.
* Implement and provide authorization policy management, allowing admin to
create and manage authorization policies to authorize system and resource
accesses employing different authorization models with corresponding editors
and tools;
* Implement and provide authorization management facility, allowing admin to
configure global settings and manage authorization policies across the system
for the domain.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
