joshelser commented on a change in pull request #884: HBASE-23347 Allowable
custom authentication methods for RPCs
URL: https://github.com/apache/hbase/pull/884#discussion_r354534305
##########
File path:
hbase-server/src/main/java/org/apache/hadoop/hbase/ipc/ServerRpcConnection.java
##########
@@ -762,18 +748,17 @@ protected final boolean processPreamble(ByteBuffer
preambleBuffer) throws IOExce
return false;
}
}
- if (!this.rpcServer.isSecurityEnabled && authMethod != AuthMethod.SIMPLE) {
- doRawSaslReply(SaslStatus.SUCCESS, new
IntWritable(SaslUtil.SWITCH_TO_SIMPLE_AUTH), null,
- null);
- authMethod = AuthMethod.SIMPLE;
- // client has already sent the initial Sasl message and we
- // should ignore it. Both client and server should fall back
- // to simple auth from now on.
- skipInitialSaslHandshake = true;
- }
- if (authMethod != AuthMethod.SIMPLE) {
- useSasl = true;
- }
+ // TODO can we remove this fallback? Is this even a good idea?
Review comment:
Forgot to write back here to close this out.
See broken-out discussion in
https://github.com/apache/hbase/pull/884/#issuecomment-561763753
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
With regards,
Apache Git Services
