[ https://issues.apache.org/jira/browse/HDFS-4056?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13481474#comment-13481474 ]

Daryn Sharp commented on HDFS-4056:
-----------------------------------

bq. What combinations of initial and subsequent auth modes are we going to 
support? 

The current RPC client/server behavior is:
* Insecure:
** SIMPLE: accept
** DIGEST-MD5: (secret manager enabled) accept
** DIGEST-MD5: (secret manager disabled) downgrade client to SIMPLE
** KERBEROS: downgrade client to SIMPLE
* Secure:
** SIMPLE: reject
** DIGEST-MD5: (secret manager enabled) accept
** DIGEST-MD5: (secret manager disabled) reject
** KERBEROS: accept

So today an insecure cluster is SIMPLE + SIMPLE, a secure cluster is KERBEROS + 
TOKEN.  This patch enables SIMPLE + TOKEN by activating the secret manager, but 
still supports SIMPLE + SIMPLE.

bq. Bottom line is the server should always be able to figure out by itself 
whether a connection is an initial connection or a subsequent one, based on the 
auth method (and type of credentials) used, since it needs to decide on whether 
tokens can be issued for that connection.

The server already uses the auth the client sends in the rpc connection header 
to determine the sasl method the client wants to use.  The auth to the server 
then determines the UGI's auth.  The NN does not allow a UGI auth of token to 
issue, renew, or cancel tokens.

bq. if we are going to support SIMPLE + SIMPLE then we shouldn't always start 
NN's SecretManager.

If we want to allow compatibility with older clients, then both SIMPLE + SIMPLE 
and SIMPLE + TOKEN must be supported.  Enabling the option of SIMPLE + 
TOKEN means we need the secret manager enabled, which is the aim of this patch.
                
> Always start the NN's SecretManager
> -----------------------------------
>
>                 Key: HDFS-4056
>                 URL: https://issues.apache.org/jira/browse/HDFS-4056
>             Project: Hadoop HDFS
>          Issue Type: Improvement
>          Components: name-node
>    Affects Versions: 0.23.0, 2.0.0-alpha, 3.0.0
>            Reporter: Daryn Sharp
>            Assignee: Daryn Sharp
>         Attachments: HDFS-4056.patch
>
>
> To support the ability to use tokens regardless of whether kerberos is 
> enabled, the NN's secret manager should always be started.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
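The accept/reject/downgrade matrix and the "initial connection, then token" flow described in the comment, modelled as an added Python example. This is not code from the issue or from Hadoop; the `NameNode` fields (`secure` for kerberos being enabled, `secret_manager` for the delegation-token secret manager running), the `Session` record, and the rule that no token can be issued while the secret manager is down are assumptions made for the illustration.

```python
from dataclasses import dataclass
from enum import Enum
from typing import NamedTuple, Optional


class Auth(Enum):
    SIMPLE = "SIMPLE"
    TOKEN = "DIGEST-MD5"    # delegation tokens are carried over SASL DIGEST-MD5
    KERBEROS = "KERBEROS"


class Outcome(Enum):
    ACCEPT = "accept"
    REJECT = "reject"
    DOWNGRADE = "downgrade client to SIMPLE"


@dataclass(frozen=True)
class NameNode:
    """Hypothetical NN configuration (assumption, not a Hadoop class):
    `secure` = kerberos enabled, `secret_manager` = token secret manager running."""
    secure: bool
    secret_manager: bool


def negotiate(nn: NameNode, client_auth: Auth):
    """Server-side decision for the auth the client sent in the RPC connection
    header. Returns (outcome, auth of the resulting UGI, or None if rejected)."""
    if client_auth is Auth.TOKEN:
        if nn.secret_manager:
            return Outcome.ACCEPT, Auth.TOKEN
        return (Outcome.REJECT, None) if nn.secure else (Outcome.DOWNGRADE, Auth.SIMPLE)
    if client_auth is Auth.KERBEROS:
        return (Outcome.ACCEPT, Auth.KERBEROS) if nn.secure else (Outcome.DOWNGRADE, Auth.SIMPLE)
    # SIMPLE
    return (Outcome.REJECT, None) if nn.secure else (Outcome.ACCEPT, Auth.SIMPLE)


def may_manage_tokens(nn: NameNode, ugi_auth: Optional[Auth]) -> bool:
    """May this connection issue/renew/cancel tokens? The NN refuses a UGI whose
    auth is token (a token never mints further tokens), and with the secret
    manager stopped there is nothing to issue (assumption for this model)."""
    return nn.secret_manager and ugi_auth is not None and ugi_auth is not Auth.TOKEN


class Session(NamedTuple):
    initial: Outcome
    initial_ugi: Optional[Auth]
    token_issued: bool
    subsequent: Optional[Outcome]      # None: client never obtained a token to present
    subsequent_ugi: Optional[Auth]


def session(nn: NameNode, initial_auth: Auth, subsequent_auth: Auth) -> Session:
    """Initial connection, attempt to fetch a token over it, then a subsequent
    connection using `subsequent_auth` (the token if one was issued)."""
    initial, ugi = negotiate(nn, initial_auth)
    issued = may_manage_tokens(nn, ugi)
    if subsequent_auth is Auth.TOKEN and not issued:
        return Session(initial, ugi, issued, None, None)
    sub, sub_ugi = negotiate(nn, subsequent_auth)
    return Session(initial, ugi, issued, sub, sub_ugi)


if __name__ == "__main__":
    before = NameNode(secure=False, secret_manager=False)   # insecure cluster today
    after = NameNode(secure=False, secret_manager=True)     # insecure cluster with the patch
    secure = NameNode(secure=True, secret_manager=True)
    for name, nn in (("before", before), ("after", after), ("secure", secure)):
        for first, second in ((Auth.SIMPLE, Auth.SIMPLE), (Auth.SIMPLE, Auth.TOKEN),
                              (Auth.KERBEROS, Auth.TOKEN)):
            print(name, first.value, "+", second.value, "->", session(nn, first, second))
```

Running the block prints that the insecure cluster supports only SIMPLE + SIMPLE before the change (a client presenting KERBEROS is downgraded and no token is ever issued), supports both SIMPLE + SIMPLE and SIMPLE + TOKEN once the secret manager runs, and that on any configuration the token-authenticated subsequent connection is refused the right to issue, renew or cancel tokens.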