[jira] [Commented] (STORM-430) (Security) Allow netty SASL to support encryption as well

Thu, 04 Sep 2014 16:19:06 -0700 

    [ 
https://issues.apache.org/jira/browse/STORM-430?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14122158#comment-14122158
 ] 

ASF GitHub Bot commented on STORM-430:
--------------------------------------

GitHub user RaghavendraNandagopal opened a pull request:

    https://github.com/apache/incubator-storm/pull/250

    STORM-430: Allow netty SASL to support encryption as well

    Hi Bobby,
      I have made the changes for Netty SASL to support encryption through wrap 
and unwrap functionality.  Please review and let me know if you require 
additional changes.
    
    Thanks,
    Raghavendra Nandagopal

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/RaghavendraNandagopal/incubator-storm security

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/incubator-storm/pull/250.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #250
    
----
commit 63d5be871dab1ae13f7083aed29470f4de2e9a11
Author: Raghavendra Nandagopal <[email protected]>
Date:   2014-09-04T23:10:39Z

    STORM-430: Allow netty SASL to support encryption as well

----


> (Security) Allow netty SASL to support encryption as well
> ---------------------------------------------------------
>
>                 Key: STORM-430
>                 URL: https://issues.apache.org/jira/browse/STORM-430
>             Project: Apache Storm (Incubating)
>          Issue Type: Improvement
>            Reporter: Robert Joseph Evans
>            Assignee: Raghavendra Nandagopal
>         Attachments: Storm-Netty Secure Layer.pdf
>
>
> SASL provides more then just authentication, it can also provide integraty 
> guarantees.
> as described here
> http://docs.oracle.com/javase/7/docs/api/javax/security/sasl/Sasl.html#QOP
> and
> http://docs.oracle.com/javase/7/docs/technotes/guides/security/sasl/sasl-refguide.html
> In order to provide those guarantees encryption is used, and the wrap/unwrap 
> methods for the SaslClient and Server must be used.  It would be great to 
> support this for storm as well, allowing users to configure the level of 
> security they want.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to