accumulo-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Josh Elser (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (ACCUMULO-3706) Support SASL/Kerberos based authentication for replication
Date Mon, 06 Apr 2015 03:28:12 GMT

    [ https://issues.apache.org/jira/browse/ACCUMULO-3706?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14480893#comment-14480893
] 

Josh Elser commented on ACCUMULO-3706:
--------------------------------------

I have this working locally (AFAICT). I need to write a good test for it and run it through
its paces. I think I have some javadoc to update too.

> Support SASL/Kerberos based authentication for replication
> ----------------------------------------------------------
>
>                 Key: ACCUMULO-3706
>                 URL: https://issues.apache.org/jira/browse/ACCUMULO-3706
>             Project: Accumulo
>          Issue Type: Bug
>          Components: replication
>            Reporter: Josh Elser
>            Assignee: Josh Elser
>            Priority: Blocker
>             Fix For: 1.7.0
>
>
> Right now, a password is baked into the replication configuration (like everything else).
Need to support a keytab too.
> To make it work across clusters, need to support authentication as someone other than
the system user (likely a principal without an instance).
> I think we'd need to use this principal and wrap the actual replication work in a {{doAs}}
to prevent bashing the server's credentials its using for client requests.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message