[jira] [Updated] (HBASE-17860) Implement secure native client connection

Fri, 31 Mar 2017 14:49:48 -0700 

     [ 
https://issues.apache.org/jira/browse/HBASE-17860?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Ted Yu updated HBASE-17860:
---------------------------
    Description: 
So far, the native client communicates with insecure cluster.

This JIRA is to add secure connection support for native client using Cyrus 
library.
The work is based on earlier implementation and is redone via wangle and folly 
frameworks.

Thanks to [~devaraj] who started the initiative.

Here is high level description of the design:
* SaslHandler is declared as:
{code}
class SaslHandler
    : public wangle::HandlerAdapter<folly::IOBufQueue&, 
std::unique_ptr<folly::IOBuf>>{
{code}
It would be inserted between EventBaseHandler and LengthFieldBasedFrameDecoder 
in the pipeline (via ConnectionFactory::Connect())

* SaslHandler would intercept writes to server by buffering the IOBuf's and 
start the handshake process (via sasl_client_XX calls provided by Cyrus)

* after handshake is complete, SaslHandler would send the buffered IOBuf's to 
server and act as pass-thru from then on

  was:
So far, the native client communicates with insecure cluster.

This JIRA is to add secure connection support for native client using Cyrus 
library.
The work is based on earlier implementation and is redone via wangle and folly 
frameworks.

Thanks to [~devaraj] who started the initiative.


> Implement secure native client connection
> -----------------------------------------
>
>                 Key: HBASE-17860
>                 URL: https://issues.apache.org/jira/browse/HBASE-17860
>             Project: HBase
>          Issue Type: Sub-task
>            Reporter: Ted Yu
>            Assignee: Ted Yu
>            Priority: Critical
>
> So far, the native client communicates with insecure cluster.
> This JIRA is to add secure connection support for native client using Cyrus 
> library.
> The work is based on earlier implementation and is redone via wangle and 
> folly frameworks.
> Thanks to [~devaraj] who started the initiative.
> Here is high level description of the design:
> * SaslHandler is declared as:
> {code}
> class SaslHandler
>     : public wangle::HandlerAdapter<folly::IOBufQueue&, 
> std::unique_ptr<folly::IOBuf>>{
> {code}
> It would be inserted between EventBaseHandler and 
> LengthFieldBasedFrameDecoder in the pipeline (via 
> ConnectionFactory::Connect())
> * SaslHandler would intercept writes to server by buffering the IOBuf's and 
> start the handshake process (via sasl_client_XX calls provided by Cyrus)
> * after handshake is complete, SaslHandler would send the buffered IOBuf's to 
> server and act as pass-thru from then on



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Reply via email to