giraph-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Avery Ching <ach...@apache.org>
Subject Re: Review Request: GIRAPH-211: Add secure authentication to Netty IPC
Date Wed, 05 Sep 2012 01:56:39 GMT
I really like this idea, so we don't need to have a separate 
SaslNettyClient and SaslNettyServer.  It makes a lot of sense to have a 
ChannelHandler that can be inserted if security is desired.  This should 
be a lot cleaner.

Avery

On 9/4/12 11:31 AM, Eugene Koontz wrote:
> Thanks Maja and Eli for your comments.
>
>   I'm glad you are looking at it and discussing it! It's been a real
> learning experience for me too.
>
> I am working today on a new iteration of the patch which introduces a
> dedicated ChannelHandler dedicated to SASL- that is, a component in the
> pipelines of clients and servers that would be added only if SASL
> authentication is enabled by configuration, and is removed after
> authentication is completed.
>
> Adding and removing this handler can be done using
> ChannelPipeline.addAfter() and .remove(), respectively:
>
> http://docs.jboss.org/netty/3.2/api/org/jboss/netty/channel/ChannelPipeline.html#addFirst%28%29
>
>   I think this would better localize SASL-specific communication,
> touching fewer existing files, and slim down the patch. Hopefully this
> would also eliminate the need to pass around the ServerData object, and
> avoid signature changes to doRequest().
>
> With regard to -Phadoop_2.0.1, sorry about that, Maja - I will open a
> new JIRA to add this profile to pom.xml.
>
> The patch should work, however, with other hadoop profiles, as long as
> they don't have HADOOP_NON_SECURE in their munge flags.
>
> -Eugene


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message