hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Luke Lu (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-6929) RPC should have a way to pass Security information other than protocol annotations
Date Mon, 23 May 2011 22:23:48 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-6929?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13038279#comment-13038279

Luke Lu commented on HADOOP-6929:

bq. In particular, you don't want to put class names in configuration

This is a pervasive anti-pattern used in hadoop all over the place, HADOOP-7150 is supposed
to address that.

bq. and certainly don't want the new SecurityContext to replace the current one.

Agreed. This is a major flaw of the current patch, though the flawed mechanism is still workable
if the new security info implements the fallback mechanism.

bq. private static ServiceLoader<SecurityInfo> securityInfoProviders = new ServiceLoader<SecurityInfo>(SecurityInfo.class);

The usage should be:
ServiceLoader<SecurityInfo> securityInfoProviders = ServiceLoader.load(SecurityInfo.class);

> RPC should have a way to pass Security information other than protocol annotations
> ----------------------------------------------------------------------------------
>                 Key: HADOOP-6929
>                 URL: https://issues.apache.org/jira/browse/HADOOP-6929
>             Project: Hadoop Common
>          Issue Type: Improvement
>          Components: ipc, security
>            Reporter: Sharad Agarwal
>            Assignee: Sharad Agarwal
>         Attachments: Hadoop-6929_v1.patch
> Currently Hadoop RPC allows protocol annotations as the only way to pass security information.
This becomes a problem if protocols are generated and not hand written. For example protocols
generated via Avro and passed over Avro tunnel (AvroRpcEngine.java) can't pass the security

This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

View raw message