hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Daryn Sharp (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-9479) Ability to plugin custom authentication mechanisms based on Jaas and Sasl
Date Mon, 22 Apr 2013 20:35:16 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-9479?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13638406#comment-13638406

Daryn Sharp commented on HADOOP-9479:

I like the overall goal, but feel it's a bit rigid in only providing support for only one
additional authentication method.  This change dovetails with the stalled SASL work I've been
doing in the subtasks for HADOOP-8779.  I keep meaning to get back to it.  Many of the changes
were nudging the authentication scheme towards a pluggable design - you've even taken advantage
of some of those changes!

The new hadoop SASL related interfaces shouldn't be necessary.  The javax SASL framework uses
a factory pattern to create clients and servers via SecurityProviders.  SaslPlainServer does
this, although there's probably a cleaner way to do it.

The good news is the patch should be significantly smaller if leveraging the javax framework.
> Ability to plugin custom authentication mechanisms based on Jaas and Sasl
> -------------------------------------------------------------------------
>                 Key: HADOOP-9479
>                 URL: https://issues.apache.org/jira/browse/HADOOP-9479
>             Project: Hadoop Common
>          Issue Type: Sub-task
>          Components: security
>            Reporter: Benoy Antony
>            Assignee: Benoy Antony
>         Attachments: customauthentication.pdf, HADOOP-9479.patch
> Currently, it is not possible to hookup new/modified authentication mechanism to Hadoop.
> The task is to create an extension in hadoop to plugin new Authentication mechanism.
The new authentication mechanism should have both Jaas and Sasl implementations.

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

View raw message