[
https://issues.apache.org/jira/browse/HDFS-992?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12836304#action_12836304
]
Kan Zhang commented on HDFS-992:
--------------------------------
Adding a patch that
1. added BlockTokenIdentifier, removed BlockAccessToken, the new block token
(used to be called access token) will just be Token<BlockTokenIdentifier>.
2. Refactored AccessTokenHandler to be BlockTokenSecretManager and added
BlockTokenSelector so that a block token can be used for authentication over
RPC.
3. Enabled ClientDatanodeProtocol to use block token for authentication.
4. Added authorization checking based on the authenticated BlockTokenIdentifier
at Datanode.
> Re-factor block access token implementation to conform to the generic Token
> interface in Common
> -----------------------------------------------------------------------------------------------
>
> Key: HDFS-992
> URL: https://issues.apache.org/jira/browse/HDFS-992
> Project: Hadoop HDFS
> Issue Type: New Feature
> Components: security
> Reporter: Kan Zhang
> Assignee: Kan Zhang
>
> This makes it possible to use block access token as shared key for
> client-to-datanode authentication over RPC. However, access authorization is
> still based on block access token semantics.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
