-
Notifications
You must be signed in to change notification settings - Fork 176
APEXCORE-752 update the security doc with description of new feature implemented in APEXCORE-733 #552
Conversation
`/user/dtadmin/datatorrent/apps/application_1487803614053_10222`. | ||
|
||
This root directory determination involves using the 'current' user, and in case of impersonation Apex treats either the impersonating user or the impersonated | ||
user as the 'current' user depending on the value of the configuration propery `dt.authentication.impersonation.path.enable`. You should set its value to `true` to |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@sanjaypujare please change these properties to use apex. prefix. For those that existed prior to 3.6 release, they should be deprecated like it was done for attributes, for others they should be just changed.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@tweise The actual code defines the property to be dt.auth....
and apex.auth...
won't work (as far as I can see). If the code has to change, we'll need a JIRA?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, please create a separate JIRA to deprecate the properties and make them available with apex. keys. IMO whenever related work is done these long due changes should be made as the contributor working on it is already familiar with the code and does the testing.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@tweise @amberarrow APEXCORE-755 has been opened. Could you review and merge as appropriate?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@sanjaypujare dt.authentication.impersonation.path.enable was introduced since last release, please change this to apex. prefix. Perhaps you can do that as part of APEXCORE-755, but before release 3.7
Also, there are a few pre-existing incorrectly formatted headers in this doc that would be good to fix (like ####Hadoop configuration approach and following). Working on existing files is an opportunity to cleanup such trivial issues.
docs/security.md
Outdated
- `dt.dfsRootDirectory` is set to `/user/%USER_NAME%/datatorrent`. | ||
|
||
|
||
Also assume the impersonating user is `dtadmin` and the impersonated user is `peter` when the application is launched. In this scenario, when |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
replace 'dtadmin' with something else
…implemented in APEXCORE-733
9981457
to
1831356
Compare
@amberarrow @tweise @PramodSSImmaneni comments addressed and rebased to master. Pls review and merge as appropriate |
@PramodSSImmaneni @amberarrow pls review and merge as appropriate