[ 
https://issues.apache.org/jira/browse/STORM-2898?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16327047#comment-16327047
 ] 

Yuzhao Chen commented on STORM-2898:
------------------------------------

@Robert Joseph Evans
This looks great for Storm's arch expansibility, just some questions based on 
your design:

1. So it is the master/nimbus to generate tokens for all applications? Then 
who will renew these tokens?
2. How are the rotated tokens propagated to workers?
3. Worker will communicate with Supervisor with token delegated by master?
4. We really should redesign the tokens management while not reusing Hadoop?


> Storm should support auth through delegation tokens for workers
> ---------------------------------------------------------------
>
>                 Key: STORM-2898
>                 URL: https://issues.apache.org/jira/browse/STORM-2898
>             Project: Apache Storm
>          Issue Type: New Feature
>          Components: storm-client, storm-server
>    Affects Versions: 2.0.0
>            Reporter: Robert Joseph Evans
>            Assignee: Robert Joseph Evans
>            Priority: Major
>
> There are a lot of cases where it would be great for a worker to be able to 
> communicate directly to nimbus, supervisors, or drpc servers in a secure way 
> out of the box.
> This is currently a pain to make work.  The user has to ship a TGT with their 
> topology, and continually keep it up to date with credentials-push.  They 
> also need a kind of hacked up jaas.conf to grab the TGT from AutoTGT and put 
> it in the place that the client wants it.
> We should just generate a signed data structure (aka delegation token from 
> hadoop) that we can hand off to the topologies to use when talking to nimbus, 
> a supervisor, or drpc servers.
> We may want to split up the different services from each other to make an 
> attack against one not hit all of them, but that is something we can think 
> about with the design of this.
> I will try to come up with a design shortly.


