Thanks Maja and Eli for your comments. I'm glad you are looking at it and discussing it! It's been a real learning experience for me too.
I am working today on a new iteration of the patch which introduces a dedicated ChannelHandler dedicated to SASL- that is, a component in the pipelines of clients and servers that would be added only if SASL authentication is enabled by configuration, and is removed after authentication is completed. Adding and removing this handler can be done using ChannelPipeline.addAfter() and .remove(), respectively: http://docs.jboss.org/netty/3.2/api/org/jboss/netty/channel/ChannelPipeline.html#addFirst%28%29 I think this would better localize SASL-specific communication, touching fewer existing files, and slim down the patch. Hopefully this would also eliminate the need to pass around the ServerData object, and avoid signature changes to doRequest(). With regard to -Phadoop_2.0.1, sorry about that, Maja - I will open a new JIRA to add this profile to pom.xml. The patch should work, however, with other hadoop profiles, as long as they don't have HADOOP_NON_SECURE in their munge flags. -Eugene
