[jira] [Updated] (STORM-430) (Security) Allow netty SASL to support encryption as well

Raghavendra Nandagopal (JIRA) Thu, 04 Sep 2014 16:28:14 -0700

     [ 
https://issues.apache.org/jira/browse/STORM-430?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Raghavendra Nandagopal updated STORM-430:
-----------------------------------------
    Description: 
SASL provides more then just authentication, it can also provide integraty 
guarantees.
as described here 
http://docs.oracle.com/javase/7/docs/api/javax/security/sasl/Sasl.html#QOP
and 
http://docs.oracle.com/javase/7/docs/technotes/guides/security/sasl/sasl-refguide.html

In order to provide those guarantees encryption is used, and the wrap/unwrap 
methods for the SaslClient and Server must be used.  It would be great to 
support this for storm as well, allowing users to configure the level of 
security they want.

  was:
SASL provides more then just authentication, it can also provide integraty 
guarantees.

as described here
http://docs.oracle.com/javase/7/docs/api/javax/security/sasl/Sasl.html#QOP

and

http://docs.oracle.com/javase/7/docs/technotes/guides/security/sasl/sasl-refguide.html

In order to provide those guarantees encryption is used, and the wrap/unwrap 
methods for the SaslClient and Server must be used.  It would be great to 
support this for storm as well, allowing users to configure the level of 
security they want.


> (Security) Allow netty SASL to support encryption as well
> ---------------------------------------------------------
>
>                 Key: STORM-430
>                 URL: https://issues.apache.org/jira/browse/STORM-430
>             Project: Apache Storm (Incubating)
>          Issue Type: Improvement
>            Reporter: Robert Joseph Evans
>            Assignee: Raghavendra Nandagopal
>         Attachments: Storm-Netty Secure Layer.pdf
>
>
> SASL provides more then just authentication, it can also provide integraty 
> guarantees.
> as described here 
> http://docs.oracle.com/javase/7/docs/api/javax/security/sasl/Sasl.html#QOP
> and 
> http://docs.oracle.com/javase/7/docs/technotes/guides/security/sasl/sasl-refguide.html
> In order to provide those guarantees encryption is used, and the wrap/unwrap 
> methods for the SaslClient and Server must be used.  It would be great to 
> support this for storm as well, allowing users to configure the level of 
> security they want.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (STORM-430) (Security) Allow netty SASL to support encryption as well

Reply via email to