[jira] Commented: (AVRO-641) add SASL to socket transport

Fri, 17 Sep 2010 10:51:01 -0700 

    [ 
https://issues.apache.org/jira/browse/AVRO-641?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12910687#action_12910687
 ] 

Aaron T. Myers commented on AVRO-641:
-------------------------------------

This patch looks pretty solid, Doug. I may use some of it as inspiration to 
improve the Thrift SASL implementation. :)

A few comments:

* The SaslSocketTransceiver.transceive(...) method declaration should have a 
space after the return type.
* In SaslSocketTransceiver, it seems like saslResponsePiggybacked can 
potentially be read before its initialized. Should probably explicitly set a 
default value.
* Spelling in the "Overview" section of the protocol spec: "suceeds" -> 
"succeeds".
* In the "Negotiation" section of the protocol spec: I don't believe the 
mechanism name can be UTF-8. I'm pretty sure mechanism names are required to be 
a subset of ASCII, as defined in http://www.faqs.org/rfcs/rfc4422.html. 
Further, the mechanism name can only be up to 20 characters, so no need for 
4-bytes to specify the length of the mechanism name.
* In the "Negotiation" section of the protocol spec: Is it really the case that 
"Once EITHER [capitalization mine] the client or server send a COMPLETE message 
then negotiation has completed successfully" ? i.e. should it not be "both" ?
* In the "Session Data" section of the protocol spec: You make reference to 
"steps 5 and 6" but there is no previous numbering of steps in the protocol.


> add SASL to socket transport
> ----------------------------
>
>                 Key: AVRO-641
>                 URL: https://issues.apache.org/jira/browse/AVRO-641
>             Project: Avro
>          Issue Type: New Feature
>          Components: java
>            Reporter: Doug Cutting
>            Assignee: Doug Cutting
>             Fix For: 1.4.1
>
>         Attachments: AVRO-641.patch, AVRO-641.patch, AVRO-641.patch, 
> AVRO-641.patch, AVRO-641.patch, AVRO-641.patch
>
>
> Java's socket transport is non-standard (not in the Avro spec) but might 
> serve as a prototype of a future standard transport (AVRO-341).
> It would be useful to extend it to support SASL-based authentication and 
> encryption.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to