giraph-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Eugene Koontz <ekoo...@hiro-tan.org>
Subject Re: Review Request: GIRAPH-211: Add secure authentication to Netty IPC
Date Tue, 04 Sep 2012 18:31:53 GMT
Thanks Maja and Eli for your comments.

 I'm glad you are looking at it and discussing it! It's been a real
learning experience for me too.

I am working today on a new iteration of the patch which introduces a
dedicated ChannelHandler dedicated to SASL- that is, a component in the
pipelines of clients and servers that would be added only if SASL
authentication is enabled by configuration, and is removed after
authentication is completed.

Adding and removing this handler can be done using
ChannelPipeline.addAfter() and .remove(), respectively:

http://docs.jboss.org/netty/3.2/api/org/jboss/netty/channel/ChannelPipeline.html#addFirst%28%29

 I think this would better localize SASL-specific communication,
touching fewer existing files, and slim down the patch. Hopefully this
would also eliminate the need to pass around the ServerData object, and
avoid signature changes to doRequest().

With regard to -Phadoop_2.0.1, sorry about that, Maja - I will open a
new JIRA to add this profile to pom.xml.

The patch should work, however, with other hadoop profiles, as long as
they don't have HADOOP_NON_SECURE in their munge flags.

-Eugene

Mime
View raw message