hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kai Zheng (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-9479) Ability to plugin custom authentication mechanisms based on Jaas and Sasl
Date Tue, 23 Apr 2013 09:51:16 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-9479?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13638915#comment-13638915
] 

Kai Zheng commented on HADOOP-9479:
-----------------------------------

Hi Benoy,
Very interesting patch! It provides custom and configurable AuthenticationProvider by wrapping
SASL mechanism and JAAS module.
Would it be better to generalize the AuthenticationProvider so that it can also fit the existing
simple and Kerberos authentication method, and then refactor related code based on it? In
my view it would be great to have such authentication provider that wraps client authentication
and server authentication JAAS modules, the client-server SASL mechanism and related configurations
together as you do, and then have concrete authentication implementations like SimpleAuthenticationProvider,
KerberosAuthenticationProvider, and HADOOP-9296. In this way code and configuration related
to one mechanism can be localized to the provider implementation. Another benefit would be
it allows introducing additional methods in the future without the need to enumerate all of
them in UserGroupInformation.AuthenticationMethod.

                
> Ability to plugin custom authentication mechanisms based on Jaas and Sasl
> -------------------------------------------------------------------------
>
>                 Key: HADOOP-9479
>                 URL: https://issues.apache.org/jira/browse/HADOOP-9479
>             Project: Hadoop Common
>          Issue Type: Sub-task
>          Components: security
>            Reporter: Benoy Antony
>            Assignee: Benoy Antony
>         Attachments: customauthentication.pdf, HADOOP-9479.patch
>
>
> Currently, it is not possible to hookup new/modified authentication mechanism to Hadoop.
> The task is to create an extension in hadoop to plugin new Authentication mechanism.
The new authentication mechanism should have both Jaas and Sasl implementations.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message