hadoop-common-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Tsz Wo (Nicholas), SZE (JIRA)" <j...@apache.org>
Subject [jira] Created: (HADOOP-2183) Change RPC to provide secure communication
Date Sat, 10 Nov 2007 00:06:50 GMT
Change RPC to provide secure communication
------------------------------------------

                 Key: HADOOP-2183
                 URL: https://issues.apache.org/jira/browse/HADOOP-2183
             Project: Hadoop
          Issue Type: New Feature
            Reporter: Tsz Wo (Nicholas), SZE


In the current version of RPC, there is no authentication or data protection.  We propose
to change the RPC framework, so that secure communication is possible.

The new RPC should:
- Compatible with current RPC
- Allow a pluggable security implementations (see HADOOP-1701)
- Support both secure and non-secure modes.

Here is a rough idea:
- Store security information (e.g. username, keys) in a ticket
- Use the ticket to establish a RPC connection
- Create secure sockets by the (subclass of) SocketFactory corresponding to the selected security
implementations
- Send the data and RPC parameters with the secure sockets

When authentication is supported, the RPC callee should also initialize caller information
during RPC setup and execute the RPC on the caller's behalf.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message