[
https://issues.apache.org/jira/browse/HADOOP-6902?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Kan Zhang updated HADOOP-6902:
------------------------------
Attachment: c6902-03.patch
Attaching a preliminary patch for review.
1. To simplify the code, I chose the simple use model of a cluster-wide
property that either you use encryption for all your RPC connections or not.
There is no support for selective encryption on a per-connection basis.
2. Removed splitKerberosName() method and use KerberosName class instead
3. re-factored createSaslServer methods from Server to SaslRpcServer to have
better encapsulation of SASL_PROS.
4. SASL_PROS is set according to the conf used to call
UGI.setConfiguration(conf). Otherwise, it defaults to no-encryption. Anyone
sees any problem here?
> RPC server's SASL_PROPS shouldn't be re-initialized every time an RPC client
> is created
> ---------------------------------------------------------------------------------------
>
> Key: HADOOP-6902
> URL: https://issues.apache.org/jira/browse/HADOOP-6902
> Project: Hadoop Common
> Issue Type: Bug
> Components: ipc, security
> Reporter: Kan Zhang
> Attachments: c6902-03.patch
>
>
> SaslRpcServer.SASL_PROPS is a SASL server property and should stay constant
> after initialization. In the initial implementation, we assumed all SASL
> clients will use the same constant value. If different clients might use
> different values depending on the conf in the getProxy() call (as current
> code implies), each client should have its own copy. In any case, a client
> shouldn't re-initialize server's copy.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
