 |
 |
On Tue, 7 Jun 2011, Brian Bockelman wrote: > > On Jun 7, 2011, at 12:04 AM, Andrew Hanushevsky wrote: > >> Hi Matevz, > > There's two things here, no? The wire protocol, and what gets used > internally. It's locally a huge issue to have the 8-character limit for > authorization and logging, as almost none of our user accounts are 8 > characters (in fact, about 3,000 of them are not uniquely identifiable > by using only 8 characters). The traceid is not secure it is not supposed to be used for authorization. Never never never. It is used merely for logging and has nothing to do with the authorization scheme. You *must* use the authenticated name for authorization and that is unlimited. Please do not confuse those two items. Andy