hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kan Zhang (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-8779) Use tokens regardless of authentication type
Date Sat, 27 Oct 2012 23:41:12 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-8779?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13485527#comment-13485527
] 

Kan Zhang commented on HADOOP-8779:
-----------------------------------

bq. Even if we used SASL PLAIN, we would still have to differentiate between PLAIN and DIGEST-MD5,
so that NN knows when to start its SecretManager.

Sorry, my above comment should read "... differentiate between PLAIN and Kerberos, ...", since
I was talking about initial auth methods.

bq. I'm making isSecurityEnabled mean SASL is being used. SIMPLE doesn't change at all and
doesn't use tokens, while PLAIN means security is enabled and tokens are required for internal
auth.

This might work. isSecurityEnabled is extensively used in the code base. Pls make sure the
new semantics fits in all cases (especially where it might be used to mean "Kerberos is enabled").
                
> Use tokens regardless of authentication type
> --------------------------------------------
>
>                 Key: HADOOP-8779
>                 URL: https://issues.apache.org/jira/browse/HADOOP-8779
>             Project: Hadoop Common
>          Issue Type: New Feature
>          Components: fs, security
>    Affects Versions: 3.0.0, 2.0.2-alpha
>            Reporter: Daryn Sharp
>            Assignee: Daryn Sharp
>
> Security is a combination of authentication and authorization (tokens).  Authorization
may be granted independently of the authentication model.  Tokens should be used regardless
of simple or kerberos authentication.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message