[
https://issues.apache.org/jira/browse/HADOOP-9421?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Daryn Sharp updated HADOOP-9421:
--------------------------------
Attachment: HADOOP-9421.patch
Only response that will ever be sent after a connection header is a RPC
exception for invalid fields. Server will not SASL respond to a client until
it sends either NEGOTIATE or INITIATE.
If the client sends NEGOTIATE, the server responds with a full list of his
negotiation methods. The client has one shot to do an INITIATE before failure.
If the client sends INITIATE, and guesses wrong, the server responds with
NEGOTIATE. Again, the client now has one shot to send a valid INITIATE.
Basically the client gets one freebie to do a bad INITIATE. Once the client
has been informed of valid auth methods, it must use a valid one. This forces
authentication down a deterministic progression of states. If the client
fumbles, the authentication fails.
> Convert SASL to use ProtoBuf and add lengths for non-blocking processing
> ------------------------------------------------------------------------
>
> Key: HADOOP-9421
> URL: https://issues.apache.org/jira/browse/HADOOP-9421
> Project: Hadoop Common
> Issue Type: Sub-task
> Affects Versions: 2.0.3-alpha
> Reporter: Sanjay Radia
> Assignee: Daryn Sharp
> Priority: Blocker
> Attachments: HADOOP-9421.patch, HADOOP-9421.patch, HADOOP-9421.patch,
> HADOOP-9421.patch, HADOOP-9421.patch, HADOOP-9421.patch, HADOOP-9421.patch,
> HADOOP-9421.patch, HADOOP-9421.patch, HADOOP-9421-v2-demo.patch
>
>
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
