hadoop-common-issues mailing list archives

From "Daryn Sharp (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-8779) Use tokens regardless of authentication type
Date Mon, 22 Oct 2012 23:16:14 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-8779?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13481914#comment-13481914 ]

Daryn Sharp commented on HADOOP-8779:

bq. {quote} I've long considered whether job submission should set a conf key that forces
a task to only use tokens which is what I think you are also suggesting.{quote}

bq. For example, the job client upper layer could decide on which auth method to use and tell
RPC client to use that, or it could just pass to the RPC client the connection type (initial
or subsequent) and let RPC client choose the right auth method.

I think we might be in violent agreement...?

bq. I think we should agree on the overall design and what behaviors are supported at each
piece, at least at a high-level, before making changes to any of them

The design is rather simple at a high level.  I'll write up a doc if this isn't clear, or
a good basis for discussion:
# Allow tokens to be issued for any non-token authentication (SIMPLE/KERBEROS/etc) method
# Allow clients to use said tokens for subsequent connections
# Remove all the conditionals from the filesystems for whether tokens can be acquired and/or
# Always submit jobs with tokens
#* maybe controlled via a conf setting, would prefer no setting to reduce code complexity
#* add a conf key to the job conf that instructs the task's RPC client that it must use tokens

Everything is already in place within the RPC layer to support tokens with any auth if a secret
manager is enabled.  Hence, HDFS-4056 is attempting to activate the secret manager which places
us between steps 2 & 3.

Removing the conditionals in the filesystems doesn't mandate tokens with SIMPLE auth, but
allows them to be used if the job client requests them.  Step 4 is where we decide when and
if tokens are required.

bq. For example, if we agree on supporting SIMPLE + SIMPLE, HDFS-4056 is not needed.

In https://issues.apache.org/jira/browse/HADOOP-8758?focusedCommentId=13448518&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-13448518,
you formerly agreed this was worthwhile:  "Robert Joseph Evans and Daryn Sharp, I agree we
should allow SIMPLE auth to be coupled with tokens."  Has your position changed?
> Use tokens regardless of authentication type
> --------------------------------------------
>                 Key: HADOOP-8779
>                 URL: https://issues.apache.org/jira/browse/HADOOP-8779
>             Project: Hadoop Common
>          Issue Type: New Feature
>          Components: fs, security
>    Affects Versions: 3.0.0, 2.0.2-alpha
>            Reporter: Daryn Sharp
>            Assignee: Daryn Sharp
>
> Security is a combination of authentication and authorization (tokens).  Authorization
> may be granted independently of the authentication model.  Tokens should be used regardless
> of simple or kerberos authentication.

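A minimal model of the design listed in the comment above, added here as an illustration; it is not code from Hadoop or from the commenter. The conf key name, the class and function names, and the HMAC-over-identifier token are assumptions made for the example.

```python
import hashlib
import hmac
import os

# Hypothetical conf key name for this model, not a real Hadoop setting.
REQUIRE_TOKEN_KEY = "example.rpc.client.require-token"
# The comment lists "SIMPLE/KERBEROS/etc"; only these two are modelled.
NON_TOKEN_AUTH = {"SIMPLE", "KERBEROS"}


class SecretManager:
    """Server side: issues and verifies HMAC-signed tokens."""

    def __init__(self):
        self._key = os.urandom(32)  # per-server secret, never sent to clients

    def _sign(self, ident: bytes) -> bytes:
        return hmac.new(self._key, ident, hashlib.sha256).digest()

    def issue(self, user: str, auth_method: str):
        # Step 1: a connection made with any non-token auth may get a token.
        # Refusing other methods is this model's reading of "non-token".
        if auth_method not in NON_TOKEN_AUTH:
            raise PermissionError("tokens are only issued over non-token auth")
        ident = user.encode()
        return ident, self._sign(ident)

    def verify(self, token) -> str:
        ident, password = token
        # Constant-time comparison of the presented and expected password.
        if not hmac.compare_digest(password, self._sign(ident)):
            raise PermissionError("invalid token")
        return ident.decode()


def choose_auth(conf: dict, token, fallback: str) -> str:
    """Client side: pick the auth method for one connection."""
    if token is not None:
        return "TOKEN"  # step 2: subsequent connections use the token
    if conf.get(REQUIRE_TOKEN_KEY):
        # Step 4: a task told it must use tokens fails closed instead of
        # silently falling back to SIMPLE or KERBEROS.
        raise PermissionError("token required but none available")
    return fallback  # initial connection, before any token exists
```
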