Skip to content
This repository has been archived by the owner on Jun 7, 2021. It is now read-only.

APEXCORE-752 update the security doc with description of new feature implemented in APEXCORE-733 #552

Merged
merged 1 commit into from
Jul 8, 2017
Merged

APEXCORE-752 update the security doc with description of new feature implemented in APEXCORE-733 #552

merged 1 commit into from
Jul 8, 2017

Conversation

sanjaypujare
Copy link
Contributor

@PramodSSImmaneni @amberarrow pls review and merge as appropriate

tweise
tweise reviewed Jul 4, 2017
View reviewed changes
docs/security.md
`/user/dtadmin/datatorrent/apps/application_1487803614053_10222`.

This root directory determination involves using the 'current' user, and in case of impersonation Apex treats either the impersonating user or the impersonated
user as the 'current' user depending on the value of the configuration propery `dt.authentication.impersonation.path.enable`. You should set its value to `true` to
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@sanjaypujare please change these properties to use apex. prefix. For those that existed prior to 3.6 release, they should be deprecated like it was done for attributes, for others they should be just changed.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@tweise The actual code defines the property to be dt.auth.... and apex.auth... won't work (as far as I can see). If the code has to change, we'll need a JIRA?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, please create a separate JIRA to deprecate the properties and make them available with apex. keys. IMO whenever related work is done these long due changes should be made as the contributor working on it is already familiar with the code and does the testing.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@tweise @amberarrow APEXCORE-755 has been opened. Could you review and merge as appropriate?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@sanjaypujare dt.authentication.impersonation.path.enable was introduced since last release, please change this to apex. prefix. Perhaps you can do that as part of APEXCORE-755, but before release 3.7

Also, there are a few pre-existing incorrectly formatted headers in this doc that would be good to fix (like ####Hadoop configuration approach and following). Working on existing files is an opportunity to cleanup such trivial issues.

tweise
tweise reviewed Jul 4, 2017
View reviewed changes
docs/security.md Outdated
- `dt.dfsRootDirectory` is set to `/user/%USER_NAME%/datatorrent`.


Also assume the impersonating user is `dtadmin` and the impersonated user is `peter` when the application is launched. In this scenario, when
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

replace 'dtadmin' with something else

@tweise tweise mentioned this pull request Jul 4, 2017
Merged
@sanjaypujare
Copy link
Contributor Author

@amberarrow @tweise @PramodSSImmaneni comments addressed and rebased to master. Pls review and merge as appropriate

@asfgit asfgit merged commit 1831356 into apache:master Jul 8, 2017
@sanjaypujare sanjaypujare deleted the APEXCORE-752.sanjay branch July 8, 2017 18:41
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@tweise tweise tweise left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
3 participants
@sanjaypujare @tweise @asfgit