[jira] [Commented] (HADOOP-19359) Accelerate token negotiation for other similar mechanisms.

Thu, 09 Oct 2025 10:20:04 -0700 


    [ 
https://issues.apache.org/jira/browse/HADOOP-19359?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18028832#comment-18028832
 ] 

ASF GitHub Bot commented on HADOOP-19359:
-----------------------------------------

jojochuang commented on code in PR #7983:
URL: https://github.com/apache/hadoop/pull/7983#discussion_r2417441432


##########
hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/SaslMechanismFactory.java:
##########
@@ -65,5 +65,13 @@ public static boolean isDefaultMechanism(String 
saslMechanism) {
     return HADOOP_SECURITY_SASL_MECHANISM_DEFAULT.equals(saslMechanism);
   }
 
+  public static boolean isDigestMechanism(String saslMechanism) {
+    return saslMechanism.startsWith("DIGEST-");

Review Comment:
   maybe consider using hadoop.security.sasl.mechanism to ensure the value is 
expected?
   
   ```
   
     <property>
       <name>hadoop.security.sasl.mechanism</name>
       <value>DIGEST-MD5</value>
       <description>
         The SASL mechanism used in Hadoop.
       </description>
     </property>
   ```



##########
hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/ipc/Server.java:
##########
@@ -2673,7 +2673,7 @@ private RpcSaslProto buildSaslNegotiateResponse()
       // accelerate token negotiation by sending initial challenge
       // in the negotiation response
       if (enabledAuthMethods.contains(AuthMethod.TOKEN)
-          && 
SaslMechanismFactory.isDefaultMechanism(AuthMethod.TOKEN.getMechanismName())) {
+          && 
SaslMechanismFactory.isDigestMechanism(AuthMethod.TOKEN.getMechanismName())) {

Review Comment:
   inside of matching just DIGEST-MD5, match any mechanisms starting with 
DIGEST-*
   
   What mechanisms do we have in mind? I am only aware of DIGEST-MD5. Others 
may be possible but not standardized.





> Accelerate token negotiation for other similar mechanisms.
> ----------------------------------------------------------
>
>                 Key: HADOOP-19359
>                 URL: https://issues.apache.org/jira/browse/HADOOP-19359
>             Project: Hadoop Common
>          Issue Type: Improvement
>          Components: ipc, security
>            Reporter: Tsz-wo Sze
>            Assignee: Tsz-wo Sze
>            Priority: Major
>              Labels: pull-request-available
>
> HADOOP-19227 changed ipc.Server to accelerate token negotiation only for the 
> default mechanism.
> In this JIRA, we change to support other similar mechanisms.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to