flume-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Pritchard, Charles X. -ND" <Charles.X.Pritchard....@disney.com>
Subject Re: Adding SSL peer cert info to AvroSource
Date Sat, 08 Feb 2014 02:50:59 GMT
I’d like to be able to use the client CN in subsequent configuration/routing parameters.
The bulk of the Flume config (e.g. selectors, sinks) works with event headers.

A bit confused as to what you’re asking/what your context is when you bring up event persistence.

At the point the event is submitted, we’ve confirmed that the cert is valid and we can add
a timestamp [if really really needed] via interceptor.
This is meant to be client-facing — that is, the client is connecting to AvroSource using
an SSL cert.

There are other sources of course, like http, and so on, but I’m just focused on the AvroSource
client.


If I do understand what you’re saying:  any other servers in a distributed flow are not
going to be looking at the client SSL cert, of course, wouldn’t make any sense.
Most of them aren’t using SSL either, as it’s within a trusted network at that point.


-Charles

On Feb 7, 2014, at 6:33 PM, Mike Percy <mpercy@apache.org<mailto:mpercy@apache.org>>
wrote:

On Fri, Feb 7, 2014 at 5:15 PM, Pritchard, Charles X. -ND <Charles.X.Pritchard.-ND@disney.com<mailto:Charles.X.Pritchard.-ND@disney.com>>
wrote:
I’m finding it a challenge to see where in the AvroSource class I could actually push the
data into Event headers.
All of those methods are stateless when it comes to the connection — they have no access
to ChannelHandlerContext.

Hmm, ok that's what I didn't understand. You want the event header to contain the client CN?
If so, why? Events are persistent data units that may live long after a single connection
in a multi-hop distributed flow.

Mike



Mime
View raw message