[
https://issues.apache.org/jira/browse/HADOOP-19306?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17898037#comment-17898037
]
ASF GitHub Bot commented on HADOOP-19306:
-----------------------------------------
szetszwo commented on code in PR #7140:
URL: https://github.com/apache/hadoop/pull/7140#discussion_r1841094635
##########
hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/SaslMechanismFactory.java:
##########
@@ -0,0 +1,75 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.hadoop.security;
+
+import org.apache.hadoop.HadoopIllegalArgumentException;
+import org.apache.hadoop.classification.InterfaceAudience;
+import org.apache.hadoop.classification.InterfaceStability;
+import org.apache.hadoop.conf.Configuration;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import static
org.apache.hadoop.fs.CommonConfigurationKeysPublic.HADOOP_SECURITY_SASL_MECHANISM_DEFAULT;
+import static
org.apache.hadoop.fs.CommonConfigurationKeysPublic.HADOOP_SECURITY_SASL_MECHANISM_KEY;
+
+/**
+ * SASL related constants.
+ */
[email protected]({"HDFS", "MapReduce"})
[email protected]
+public final class SaslMechanismFactory {
+ static final Logger LOG =
LoggerFactory.getLogger(SaslMechanismFactory.class);
+
+ private static final String SASL_MECHANISM_ENV = "HADOOP_SASL_MECHANISM";
+ private static final String SASL_MECHANISM;
+
+ static {
+ // env
+ final String envValue = System.getenv(SASL_MECHANISM_ENV);
+ LOG.debug("{} = {} (env)", SASL_MECHANISM_ENV, envValue);
+
+ // conf
+ final Configuration conf = new Configuration();
Review Comment:
> It should be possble (with more changes) to load the mechanism lazily,
when SASL is used first.
The is already loaded mechanism lazily. The class won't be loaded unless it
is used.
In our case, it should be fine since conf will be loaded during a SASL
server/client is being created. The conf path must be set at that time.
(`UserGroupInformation` has a different story since it may have to logged in
before starting a server/client.)
> IMO having to configure this from an environment variable would be an
operational nightmare.
Hadoop security tends to use environment variable since conf may not
available.
> Support user defined auth Callback in SaslRpcServer
> ---------------------------------------------------
>
> Key: HADOOP-19306
> URL: https://issues.apache.org/jira/browse/HADOOP-19306
> Project: Hadoop Common
> Issue Type: Improvement
> Components: ipc, security
> Reporter: Tsz-wo Sze
> Assignee: Tsz-wo Sze
> Priority: Major
> Labels: pull-request-available
>
> Similar to HDFS-17576, SaslRpcServer should support CustomizedCallbackHandler.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
