Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Subtask] Chain authorization plugin framework #5775

Closed
Tracked by #5774
xunliu opened this issue Dec 5, 2024 · 0 comments · Fixed by #5786
Closed
Tracked by #5774

[Subtask] Chain authorization plugin framework #5775

xunliu opened this issue Dec 5, 2024 · 0 comments · Fixed by #5786
Assignees
Labels
0.8.0 Release v0.8.0 subtask Subtasks of umbrella issue

Comments

@xunliu
Copy link
Member

xunliu commented Dec 5, 2024

Describe the subtask

Chain authorization plugin supports pushdown a role to multiple underlying data source.

  1. Chain auth plugin includes multiple plugin instances.
  2. Chain auth plugin loop executes pushdown interface in the multiple plugin instances.
  3. Support wildcard properties to configuration multi-plugin properties.
Chain authorization properties
    properties.put("authorization-provider", "chain");
    properties.put("authorization.chain.plugins", "hive1,hdfs1");
    properties.put("authorization.chain.hive1.provider", "ranger");
    properties.put("authorization.chain.hive1.ranger.auth.type", "simple");
    properties.put("authorization.chain.hive1.ranger.admin.url", "http://localhost:6080");
    properties.put("authorization.chain.hive1.ranger.username", "admin");
    properties.put("authorization.chain.hive1.ranger.password", "admin");
    properties.put("authorization.chain.hive1.ranger.service.type", "hive");
    properties.put("authorization.chain.hive1.ranger.service.name", "hiveDev");
    properties.put("authorization.chain.hdfs1.provider", "ranger");
    properties.put("authorization.chain.hdfs1.ranger.auth.type", "simple");
    properties.put("authorization.chain.hdfs1.ranger.admin.url", "http://localhost:6080");
    properties.put("authorization.chain.hdfs1.ranger.username", "admin");
    properties.put("authorization.chain.hdfs1.ranger.password", "admin");
    properties.put("authorization.chain.hdfs1.ranger.service.type", "hadoop");
    properties.put("authorization.chain.hdfs1.ranger.service.name", "hdfsDev");

Parent issue

#5774

@xunliu xunliu added subtask Subtasks of umbrella issue 0.8.0 Release v0.8.0 labels Dec 5, 2024
@xunliu xunliu self-assigned this Dec 5, 2024
xunliu added a commit to xunliu/gravitino that referenced this issue Dec 5, 2024
xunliu added a commit to xunliu/gravitino that referenced this issue Dec 6, 2024
xunliu added a commit to xunliu/gravitino that referenced this issue Dec 19, 2024
xunliu added a commit to xunliu/gravitino that referenced this issue Dec 23, 2024
@xunliu xunliu changed the title [Subtask] Chain authorization plugin [Subtask] Chain authorization plugin framework Dec 23, 2024
xunliu added a commit to xunliu/gravitino that referenced this issue Dec 23, 2024
xunliu added a commit to xunliu/gravitino that referenced this issue Dec 23, 2024
xunliu added a commit to xunliu/gravitino that referenced this issue Dec 23, 2024
xunliu added a commit to xunliu/gravitino that referenced this issue Dec 23, 2024
xunliu added a commit to xunliu/gravitino that referenced this issue Dec 24, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
0.8.0 Release v0.8.0 subtask Subtasks of umbrella issue
Projects
None yet
Development

Successfully merging a pull request may close this issue.

1 participant