ASF GitHub Bot commented on FLINK-3929:

Github user mxm commented on a diff in the pull request:

    --- Diff: 
    @@ -79,9 +82,8 @@ public static void install(SecurityConfiguration config) 
throws Exception {
                JaasConfiguration jaasConfig = new 
JaasConfiguration(config.keytab, config.principal);
    -           //hack since Kafka Login Handler explicitly looks for the 
property or else it throws an exception
    -           System.setProperty("java.security.auth.login.config", "");
    +           //temporary fix
    +           populateJaasConfigSystemProperty(config.flinkConf);
    --- End diff --
    From my experience comments like "temporary fix" tend to stay forever. I 
would replace it with something that explains the reasoning. That helps to fix 
the code when it is reviewed later on.

> Support for Kerberos Authentication with Keytab Credential
> ----------------------------------------------------------
>                 Key: FLINK-3929
>                 URL: https://issues.apache.org/jira/browse/FLINK-3929
>             Project: Flink
>          Issue Type: New Feature
>            Reporter: Eron Wright 
>            Assignee: Vijay Srinivasaraghavan
>              Labels: kerberos, security
>   Original Estimate: 672h
>  Remaining Estimate: 672h
> _This issue is part of a series of improvements detailed in the [Secure Data 
> Access|https://docs.google.com/document/d/1-GQB6uVOyoaXGwtqwqLV8BHDxWiMO2WnVzBoJ8oPaAs/edit?usp=sharing]
>  design doc._
> Add support for a keytab credential to be associated with the Flink cluster, 
> to facilitate:
> - Kerberos-authenticated data access for connectors
> - Kerberos-authenticated ZooKeeper access
> Support both the standalone and YARN deployment modes.

This message was sent by Atlassian JIRA

Reply via email to