[
https://issues.apache.org/jira/browse/HADOOP-9421?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13679966#comment-13679966
]
Daryn Sharp commented on HADOOP-9421:
-------------------------------------
I'm open to improvements, but I'm having a hard reconciling how to add this
capability. The SASL client and server must be instantiated with the exact
same mechanism/protocol/serverId or the SASL server throws an exception.
The initial connect will require a way for the client to solicit the NEGOTIATE
otherwise it has no idea what to do. This is what incurs a roundtrip.
Here's what it would take for a reconnect:
# The client sends an INITIATE using the cached SaslAuth, but w/o instantiating
it's SASL client until it receives the CHALLENGE response
# The client can't generate an initial SASL response token since it hasn't
instantiated the SASL client - leading to an additional roundtrip for SASL
# The server's first CHALLENGE response must set the SaslAuth protobuf field
which it currently doesn't, but not a big deal
# Client now instantiates SASL client based on SaslAuth in CHALLENGE and
processes the token
> Convert SASL to use ProtoBuf and add lengths for non-blocking processing
> ------------------------------------------------------------------------
>
> Key: HADOOP-9421
> URL: https://issues.apache.org/jira/browse/HADOOP-9421
> Project: Hadoop Common
> Issue Type: Sub-task
> Affects Versions: 2.0.3-alpha
> Reporter: Sanjay Radia
> Assignee: Daryn Sharp
> Attachments: HADOOP-9421.patch, HADOOP-9421.patch, HADOOP-9421.patch,
> HADOOP-9421.patch, HADOOP-9421-v2-demo.patch
>
>
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
