hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Vinod K V (JIRA)" <j...@apache.org>
Subject [jira] Commented: (HADOOP-6929) RPC should have a way to pass Security information other than protocol annotations
Date Mon, 30 Aug 2010 09:41:56 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-6929?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12904119#action_12904119

Vinod K V commented on HADOOP-6929:

Can we do something like this? (An updated version of Sharad's offline proposal)

interface SecurityContext {
  KerberosContext getKerberosContext(Class protocol);
  TokenContext getTokenContext(Class protocol);

//get the info from annotations
AnnotatedSecurityContext implements SecurityContext {
  KerberosContext getKerborosContext(Class protocol) {
     // construct KerberosContext from annotation KerberosInfo

  TokenContext getTokenContext(Class protocol) {
     // construct TokenContext from annotation TokenInfo

// get the information from hand-crafted context object.
HandCraftedSecurityContext implements SecurityContext {


We will need to pass this context information all through into the RPC layer. (Is this why
annotations were originally used?)

> RPC should have a way to pass Security information other than protocol annotations
> ----------------------------------------------------------------------------------
>                 Key: HADOOP-6929
>                 URL: https://issues.apache.org/jira/browse/HADOOP-6929
>             Project: Hadoop Common
>          Issue Type: Improvement
>          Components: ipc, security
>            Reporter: Sharad Agarwal
>             Fix For: 0.22.0
> Currently Hadoop RPC allows protocol annotations as the only way to pass security information.
This becomes a problem if protocols are generated and not hand written. For example protocols
generated via Avro and passed over Avro tunnel (AvroRpcEngine.java) can't pass the security

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message