Overview
This page documents various scenarios for security use cases supported in 3.5. The scenarios below apply to the following combinations of security:
...
Applications with existing streams
Namespace Creation
- Client --> Router HTTP:
createNamespace(nsName, nsConfig)
- Router --> AppFabric HTTP:
createNamespace(nsName, nsConfig, SecurityRequestContext.userId)
- AppFabric --> AuthEnforcer:
!authorized(
SecurityRequestContext.userId
) ? UnauthorizedException
- AppFabric --> Authorizer Thrift:
grant
(namespace,
SecurityRequestContext.userId, ALL
)
- AppFabric --> DatasetServiceClient:
getDataset
(app.meta) - DatasetServiceClient --> DatasetService HTTP
: getDataset(app.meta, Header(CDAP-UserId=Principal.SYSTEM))
- DatasetService --> AuthEnforcer
: result = filter(dataset, SecurityRequestContext.userId)
This will always be non-empty, because of the system principal - DatasetService --> DatasetServiceClient HTTP —> AppFabric: MDS
- AppFabric --> MDS:
store
(namespace
)
- AppFabric --> StorageProviderNsAdmin
: result =
doAs(nsName, createNamespace(namespaceMeta))
This will only check for access for custom mappings, but will create otherwise - AppFabric —> AppFabric:
!result ? revoke(namespace) && NamespaceCannotBeCreatedException
- AppFabric --> Router --> Client HTTP:
result
...
- Client --> Router HTTP:
deleteNamespace(nsName)
- Router --> AppFabric HTTP:
deleteNamespace(nsName, SecurityRequestContext.userId)
- AppFabric --> AuthEnforcer:
!authorized(
SecurityRequestContext.userId
) ? UnauthorizedException
- AppFabric --> Authorizer Thrift:
revoke(namespace,
SecurityRequestContext.userId, ALL
)
- AppFabric --> DatasetServiceClient:
getDataset(app.meta)
- DatasetServiceClient --> DatasetService HTTP
: getDataset(app.meta, Header(CDAP-UserId=Principal.SYSTEM))
- DatasetService --> AuthEnforcer
: result = filter(dataset, SecurityRequestContext.userId)
This will always be non-empty, because of the system principal - DatasetService --> DatasetServiceClient HTTP —> AppFabric: MDS
- AppFabric --> MDS:
delete(namespace
)
- AppFabric --> StorageProviderNsAdmin
: result =
doAs(nsName, delete(namespaceMeta))
This will only check for access for custom mappings, but will delete otherwise - AppFabric --> Authorizer Thrift:
revoke(namespace,
SecurityRequestContext.userId, ALL
)
- AppFabric —> AppFabric:
!result ? NamespaceCannotBeDeletedException
- AppFabric --> Router --> Client HTTP:
result
...