[jira] [Commented] (STORM-430) (Security) Allow netty SASL to support encryption/decryption

Wed, 10 Sep 2014 10:48:03 -0700 

    [ 
https://issues.apache.org/jira/browse/STORM-430?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14128791#comment-14128791
 ] 

ASF GitHub Bot commented on STORM-430:
--------------------------------------

Github user revans2 commented on a diff in the pull request:

    https://github.com/apache/incubator-storm/pull/250#discussion_r17376755
  
    --- Diff: storm-core/src/jvm/backtype/storm/messaging/netty/Client.java ---
    @@ -333,6 +348,27 @@ private void flushRequest(Channel channel, final 
MessageBatch requests) {
             if (requests == null)
                 return;
     
    +        // Wait until the netty authentication completes
    +           boolean isNettyAuth = (Boolean) this.storm_conf
    +                           
.get(Config.STORM_MESSAGING_NETTY_AUTHENTICATION);
    +           if (isNettyAuth && authenticatedSignal != null) {
    +                   try {
    +                           LOG.debug("sasl Waiting until the netty 
authentication completes");
    +                           authenticatedSignal.await();
    +                           authenticatedSignal = null;
    +                           LOG.debug("sasl Netty authentication completed, 
proceeding further");
    +                   } catch (InterruptedException e) {
    +                           LOG.error(
    +                                           "failed to send requests to " + 
remote_addr.toString()
    +                                                           + ": ", 
e.getMessage());
    --- End diff --
    
    I think we just want e, not e.getMessage() here.


> (Security) Allow netty SASL to support encryption/decryption
> ------------------------------------------------------------
>
>                 Key: STORM-430
>                 URL: https://issues.apache.org/jira/browse/STORM-430
>             Project: Apache Storm (Incubating)
>          Issue Type: Improvement
>            Reporter: Robert Joseph Evans
>            Assignee: Raghavendra Nandagopal
>         Attachments: Storm-Netty Secure Layer.pdf
>
>
> SASL provides more then just authentication, it can also provide integraty 
> guarantees.
> as described here 
> http://docs.oracle.com/javase/7/docs/api/javax/security/sasl/Sasl.html#QOP
> and 
> http://docs.oracle.com/javase/7/docs/technotes/guides/security/sasl/sasl-refguide.html
> In order to provide those guarantees encryption is used, and the wrap/unwrap 
> methods for the SaslClient and Server must be used.  It would be great to 
> support this for storm as well, allowing users to configure the level of 
> security they want.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to