[jira] [Commented] (TINKERPOP-1566) Kerberos authentication for gremlin-server

Mon, 20 Feb 2017 09:48:12 -0800 

    [ 
https://issues.apache.org/jira/browse/TINKERPOP-1566?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15874868#comment-15874868
 ] 

ASF GitHub Bot commented on TINKERPOP-1566:
-------------------------------------------

Github user robertdale commented on a diff in the pull request:

    https://github.com/apache/tinkerpop/pull/534#discussion_r102058441
  
    --- Diff: docs/src/reference/gremlin-applications.asciidoc ---
    @@ -1035,6 +1035,7 @@ The following table describes the various YAML 
configuration options that Gremli
     |=========================================================
     |Key |Description |Default
     |authentication.className |The fully qualified classname of an 
`Authenticator` implementation to use.  If this setting is not present, then 
authentication is effectively disabled. |`AllowAllAuthenticator`
    +|authentication.enableAuditLog |The available authenticators can issue 
audit logging messages, binding the authenticated user to his remote socket 
address and binding requests with a gremlin query to the remote socket address. 
For privacy reasons, the default value of this setting is false. The audit 
logging messages are logged at the INFO level via the 
`audit.org.apache.tinkerpop.gremlin.server` logger, which can be configured 
using the log4j.properties file. |false
    --- End diff --
    
    Should this be in alphabetical order?


> Kerberos authentication for gremlin-server
> ------------------------------------------
>
>                 Key: TINKERPOP-1566
>                 URL: https://issues.apache.org/jira/browse/TINKERPOP-1566
>             Project: TinkerPop
>          Issue Type: Improvement
>          Components: server
>            Reporter: Marc de Lignie
>            Priority: Minor
>              Labels: security
>             Fix For: 3.3.0
>
>
> Gremlin server would benefit from an explicit Kerberos authentication plugin, 
> because preparing and maintaining such a plugin is nontrivial. Also, many 
> other Apache project provide kerberized services.
> In gremlin-console the standard Krb5LoginModule can be configured. 
> Gremlin-server already includes the pluggable Sasl framework that can host 
> the proposed Kerberos authentication plugin. 



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Reply via email to