Home | About | Sematext search-lucene.com search-hadoop.com
NEW: Monitor These Apps!
elasticsearch, apache solr, apache hbase, hadoop, redis, casssandra, amazon cloudwatch, mysql, memcached, apache kafka, apache zookeeper, apache storm, ubuntu, centOS, red hat, debian, puppet labs, java, senseiDB
 Search Hadoop and all its subprojects:

Switch to Threaded View
Accumulo >> mail # user >> Authentication - Kerberose


Copy link to this message
-
Re: Authentication - Kerberose
Right now I'm still testing it to make sure things didn't get broken in
some odd way. There were a lot of changes made to not only the Security
randomwalk test, but also some of the underlying authentication semantics
to deal with permission caching. However, this is the first sweep (but most
substantial), because I need to figure out how best to deal with
authentication systems that are more complex then just username/password
tokens. But this is certainly a feature that will be rolled into 1.5, worst
case being it's introduced as a beta API which only supports user/pass
based login tokens.

John
On Thu, Nov 1, 2012 at 9:39 PM, Michael Peterson <
[EMAIL PROTECTED]> wrote:

> Hi John,
> https://issues.apache.org/jira/browse/ACCUMULO-259 is dated in January
> and it talks to ZKAuthentictor being schedule for 1.5. Would you be able to
> provide an update on the status? It's almost a year later and 1.5 is on the
> horizon. It would be awesome to be able to make the statement that,
> "Accumulo will have robust authentication in the 1.5 release.", especially
> given the window of opportunity!
>
> Those supporting competing technologies are making statements like, "we
> plan to implement 'this' in future releases" or "we're close but not there
> yet" (although they already have authentication). There are subtle but
> significant difference in technologies that do and ones that will do, soon.
> Thanks,
> Mike
> PS -  Thanks for the feedback, Mike
>
> ________________________________________
> From: Mike Drob [[EMAIL PROTECTED]]
> Sent: Thursday, November 01, 2012 5:37 PM
> To: [EMAIL PROTECTED]
> Cc: John Vines
> Subject: Re: Authentication - Kerberose
>
> There are a couple tickets that involve making Accumulo and Kerberos play
> nice -
>
> https://issues.apache.org/jira/browse/ACCUMULO-404 was to get accumulo
> running on a kerberized HDFS
> https://issues.apache.org/jira/browse/ACCUMULO-259 is for potentially
> delegating the authentications to an external system (i.e. KRB)
>
> It looks like it was planned for 1.5, but John can probably chime in and
> let us know of the status.
>
> Mike
>
> On Thu, Nov 1, 2012 at 2:20 PM, Michael Peterson <
> [EMAIL PROTECTED]<mailto:[EMAIL PROTECTED]>> wrote:
>
> To whom it may concern:
>
> Can you please provide a schedule of if/when Accumulo will use Kerberose
> for authentication? I’m working with multiple customers that are collecting
> data to make decisions to use Accumulo or other technologies. The absence
> of strong authentication with Accumulo is a major concern (and less
> subjective).
>
>
>
> Also, is there a POC for new features that will be available in 1.5?
> Thanks,
> Mike Peterson, Owner
> Peterson Technologies, LLC
> 240-456-0094, ext 111<tel:240-456-0094%2C%20ext%20111>
> 240-456-0096<tel:240-456-0096> fax
> 410-218-4004<tel:410-218-4004> cell
> Certified 8(a), SDVOSB, MBE/A
>
>
>
NEW: Monitor These Apps!
elasticsearch, apache solr, apache hbase, hadoop, redis, casssandra, amazon cloudwatch, mysql, memcached, apache kafka, apache zookeeper, apache storm, ubuntu, centOS, red hat, debian, puppet labs, java, senseiDB