hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Daryn Sharp (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-8779) Use tokens regardless of authentication type
Date Wed, 24 Oct 2012 16:04:13 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-8779?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13483342#comment-13483342
] 

Daryn Sharp commented on HADOOP-8779:
-------------------------------------

I think we're starting to over-engineer the issue at hand and bleeding requirements for other
jiras like HADOOP-8758 into the design.  This jira has a different goal that happens to be
a step in that direction, but this jira has a much simpler goal:  supporting tokens on "insecure"
clusters.  I had hoped to eliminate all the conditional code paths for security and make SIMPLE
behave no differently than other auth methods.  I feel we have become excessively bogged down
trying to supporting SIMPLE with tokens (my initial goal) and w/o tokens (your goal).

A far simpler approach is supporting SASL's PLAIN mechanism.  It's basically hadoop's SIMPLE,
but within the context of SASL.  The end result is that PLAIN will trigger all the {{isSecurityEnabled}}
code w/o changing any of the behavior of SIMPLE.  The change becomes almost trivial because
I won't have to touch the security conditionals in filesystems, mr, or yarn.

Then all we need is a conf key, such as the one in HADOOP-8965, to force clients (ie. a task)
to use a token instead of attempting an auth.  I don't feel we need to ponder multiple internal
auths - tokens can be used with any external auth as this approach will demonstrate.  Users
will get a clean error message from failed tasks such as "hey, you don't have a token!" instead
of huge cryptic SASL exceptions.  I'd like to keep this change succinct and leave broader
changes to other jiras.

Is this approach more palatable?  The only downside is that we still need to do dual testing
for secure/insecure, which I'd hoped to eliminate...  But at least the pre-commits finally
have the option to use PLAIN auth to test security.
                
> Use tokens regardless of authentication type
> --------------------------------------------
>
>                 Key: HADOOP-8779
>                 URL: https://issues.apache.org/jira/browse/HADOOP-8779
>             Project: Hadoop Common
>          Issue Type: New Feature
>          Components: fs, security
>    Affects Versions: 3.0.0, 2.0.2-alpha
>            Reporter: Daryn Sharp
>            Assignee: Daryn Sharp
>
> Security is a combination of authentication and authorization (tokens).  Authorization
may be granted independently of the authentication model.  Tokens should be used regardless
of simple or kerberos authentication.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message