Home | About | Sematext search-lucene.com search-hadoop.com
 Search Hadoop and all its subprojects:

Switch to Plain View
Hadoop, mail # dev - [DISCUSS] Hadoop SSO/Token Server Components


+
Larry McCay 2013-07-02, 20:03
+
Zheng, Kai 2013-07-03, 18:39
+
Larry McCay 2013-07-03, 20:10
+
Andrew Purtell 2013-07-03, 23:35
+
Larry McCay 2013-07-03, 23:49
+
Andrew Purtell 2013-07-04, 18:40
+
Alejandro Abdelnur 2013-07-04, 20:09
+
Zheng, Kai 2013-07-05, 17:34
+
Larry McCay 2013-07-05, 18:25
+
Larry McCay 2013-07-05, 19:24
+
Larry McCay 2013-07-10, 13:42
+
Daryn Sharp 2013-07-10, 16:30
+
Alejandro Abdelnur 2013-07-10, 15:14
+
Brian Swan 2013-07-10, 17:06
+
Larry McCay 2013-07-10, 17:39
+
Brian Swan 2013-07-10, 17:59
+
Larry McCay 2013-07-27, 00:59
+
Larry McCay 2013-07-30, 16:43
+
Alejandro Abdelnur 2013-08-06, 20:04
+
Chris Nauroth 2013-08-06, 20:12
+
Alejandro Abdelnur 2013-08-06, 20:15
+
Larry McCay 2013-08-06, 21:48
+
Chris Nauroth 2013-08-06, 22:22
Copy link to this message
-
Re: [DISCUSS] Hadoop SSO/Token Server Components
Larry McCay 2013-09-03, 12:20
All -

Given that we have moved forward with the branch committerships for the
initial set of security branch contributors, I think that we should propose
a branch for iteration-1 as described in this thread.

My proposal is that we limit the scope of this initial branch to be only
that which is required for the pluggable authentication mechanism as
described in iteration-1. We will then create a separate branch in order to
introduce whole new services - such as: TAS Server Instances and a Key
Management Service.

This will make the ability to review each branch easier and the merging of
each into trunk less destabilizing/risky.

In terms of check-in philosophy, we should take a review then check-in
approach to the branch with lazy consensus - wherein we do not need to
explicitly +1 every check-in to the branch but we will honor any -1's with
discussion to resolve before checking in. This will provide us each with
the opportunity to track the work being done and ensure that we understand
it and find that it meets the intended goals.

I am excited to get this work really moving and look forward to working on
it with you all.

One outstanding question for me - how do we go about getting the branches
created?

Off the top of my head, I believe there to be a need for 3 for the related
security efforts actually: pluggable authentication/sso, security services
and cryptographic filesystem.

thanks!

--larry
On Tue, Aug 6, 2013 at 6:22 PM, Chris Nauroth <[EMAIL PROTECTED]>wrote:

> Near the bottom of the bylaws, it states that addition of a "New Branch
> Committer" requires "Lazy consensus of active PMC members."  I think this
> means that you'll need to get a PMC member to sponsor the vote for you.
>  Regular committer votes happen on the private PMC mailing list, and I
> assume it would be the same for a branch committer vote.
>
> http://hadoop.apache.org/bylaws.html
>
> Chris Nauroth
> Hortonworks
> http://hortonworks.com/
>
>
>
> On Tue, Aug 6, 2013 at 2:48 PM, Larry McCay <[EMAIL PROTECTED]>
> wrote:
>
> > That sounds perfect!
> > I have been thinking of late that we would maybe need an incubator
> project
> > or something for this - which would be unfortunate.
> >
> > This would allow us to move much more quickly with a set of patches
> broken
> > up into consumable/understandable chunks that are made functional more
> > easily within the branch.
> > I assume that we need to start a separate thread for DISCUSS or VOTE to
> > start that process - correct?
> >
> > On Aug 6, 2013, at 4:15 PM, Alejandro Abdelnur <[EMAIL PROTECTED]>
> wrote:
> >
> > > yep, that is what I meant. Thanks Chris
> > >
> > >
> > > On Tue, Aug 6, 2013 at 1:12 PM, Chris Nauroth <
> [EMAIL PROTECTED]
> > >wrote:
> > >
> > >> Perhaps this is also a good opportunity to try out the new "branch
> > >> committers" clause in the bylaws, enabling non-committers who are
> > working
> > >> on this to commit to the feature branch.
> > >>
> > >>
> > >>
> >
> http://mail-archives.apache.org/mod_mbox/hadoop-general/201308.mbox/%3CCACO5Y4we4d8knB_xU3a=hr2gbeQO5m3vaU+[EMAIL PROTECTED]%3E
> > >>
> > >> Chris Nauroth
> > >> Hortonworks
> > >> http://hortonworks.com/
> > >>
> > >>
> > >>
> > >> On Tue, Aug 6, 2013 at 1:04 PM, Alejandro Abdelnur <[EMAIL PROTECTED]
> > >>> wrote:
> > >>
> > >>> Larry,
> > >>>
> > >>> Sorry for the delay answering. Thanks for laying down things, yes, it
> > >> makes
> > >>> sense.
> > >>>
> > >>> Given the large scope of the changes, number of JIRAs and number of
> > >>> developers involved, wouldn't make sense to create a feature branch
> for
> > >> all
> > >>> this work not to destabilize (more ;) trunk?
> > >>>
> > >>> Thanks again.
> > >>>
> > >>>
> > >>> On Tue, Jul 30, 2013 at 9:43 AM, Larry McCay <[EMAIL PROTECTED]
> >
> > >>> wrote:
> > >>>
> > >>>> The following JIRA was filed to provide a token and basic authority
> > >>>> implementation for this effort:
> > >>>> https://issues.apache.org/jira/browse/HADOOP-9781

CONFIDENTIALITY NOTICE
NOTICE: This message is intended for the use of the individual or entity to
which it is addressed and may contain information that is confidential,
privileged and exempt from disclosure under applicable law. If the reader
of this message is not the intended recipient, you are hereby notified that
any printing, copying, dissemination, distribution, disclosure or
forwarding of this communication is strictly prohibited. If you have
received this communication in error, please contact the sender immediately
and delete it from your system. Thank You.
+
Chris Douglas 2013-09-03, 22:44
+
Larry McCay 2013-09-03, 22:55
+
Zheng, Kai 2013-09-04, 02:00
+
Larry McCay 2013-09-04, 18:19
+
Chris Douglas 2013-09-04, 19:39
+
Suresh Srinivas 2013-09-05, 06:41
+
Zheng, Kai 2013-09-05, 07:29
+
Li, Tianyou 2013-07-04, 04:19
+
Larry McCay 2013-07-04, 10:52
+
Zheng, Kai 2013-07-04, 11:21
+
Larry McCay 2013-07-04, 16:18
+
Brian Swan 2013-07-03, 18:32
+
Larry McCay 2013-07-03, 20:13