[jira] [Created] (STORM-430) (Security) Allow netty SASL to support encryption as well

Robert Joseph Evans (JIRA) Wed, 30 Jul 2014 11:59:37 -0700

Robert Joseph Evans created STORM-430:
-----------------------------------------


             Summary: (Security) Allow netty SASL to support encryption as well
                 Key: STORM-430
                 URL: https://issues.apache.org/jira/browse/STORM-430
             Project: Apache Storm (Incubating)
          Issue Type: Improvement
            Reporter: Robert Joseph Evans
            Assignee: Raghavendra Nandagopal


SASL provides more then just authentication, it can also provide integraty 
guarantees.

as described here
http://docs.oracle.com/javase/7/docs/api/javax/security/sasl/Sasl.html#QOP

and

http://docs.oracle.com/javase/7/docs/technotes/guides/security/sasl/sasl-refguide.html

In order to provide those guarantees encryption is used, and the wrap/unwrap 
methods for the SaslClient and Server must be used.  It would be great to 
support this for storm as well, allowing users to configure the level of 
security they want.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

[jira] [Created] (STORM-430) (Security) Allow netty SASL to support encryption as well

Reply via email to