[
https://issues.apache.org/jira/browse/HADOOP-6929?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12904119#action_12904119
]
Vinod K V commented on HADOOP-6929:
-----------------------------------
Can we do something like this? (An updated version of Sharad's offline proposal)
{code}
interface SecurityContext {
KerberosContext getKerberosContext(Class protocol);
TokenContext getTokenContext(Class protocol);
}
//get the info from annotations
AnnotatedSecurityContext implements SecurityContext {
KerberosContext getKerborosContext(Class protocol) {
// construct KerberosContext from annotation KerberosInfo
}
TokenContext getTokenContext(Class protocol) {
// construct TokenContext from annotation TokenInfo
}
}
// get the information from hand-crafted context object.
HandCraftedSecurityContext implements SecurityContext {
}
{code}
We will need to pass this context information all through into the RPC layer.
(Is this why annotations were originally used?)
> RPC should have a way to pass Security information other than protocol
> annotations
> ----------------------------------------------------------------------------------
>
> Key: HADOOP-6929
> URL: https://issues.apache.org/jira/browse/HADOOP-6929
> Project: Hadoop Common
> Issue Type: Improvement
> Components: ipc, security
> Reporter: Sharad Agarwal
> Fix For: 0.22.0
>
>
> Currently Hadoop RPC allows protocol annotations as the only way to pass
> security information. This becomes a problem if protocols are generated and
> not hand written. For example protocols generated via Avro and passed over
> Avro tunnel (AvroRpcEngine.java) can't pass the security information.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
