Github user vijikarthi commented on the issue: https://github.com/apache/flink/pull/2425 Thanks @mxm for the review. I will incorporate your feedback and attach the patch. > When security is enabled, encryption should also be turned on by default. Otherwise we will transmit plain-text passwords over the wire. Yes it makes sense. I will make a conditional check and throw an error if encryption is not enabled when security is enabled? > Should there be too modes for network transmission, 1) with cookie, one without? Do we need 32 bits for the cookie length? We should be precise about the maximum length. I saw it is set to 1024 in other places. Yes, max cookie length validation is 1024. I will change the code where the buffer length was allocated to a high value, instead it will use the byte array length read from the message. > Should we really always send the cookie for every message? The security document mentions in T2-3 that we only want to authorize upon the first connection. Yes, we took the approach to pass secure cookie for every message to keep minimal changes to the current design > Why do we transmit the cookie to the client? This seems like a major security concern. The client should always provide the cookie. edit: I see this has been specified in the document in T2-4. Still, I wonder if it would make sense to simply add this now because the workaround to fetch the cookie from the JobManager doesn't look appealing. Good catch. I forgot to revert the code after the merge and it is not required. Will fix it. > You added a Yarn specific cookie option which should be part of the general options instead. It is added since secure cookie can be supplied when using both Yarn session CLI as well as Flink CLI. I have provided detailed explanation in one of the comments. > You've introduce a new config file to persist the app state. We already have the Yarn properties file for that. I have provided explanation on why we need new config file in one of the comments. Please take a look.
--- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---