hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Aaron T. Myers (Commented) (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HDFS-2617) Replaced Kerberized SSL for image transfer and fsck with SPNEGO-based solution
Date Fri, 02 Dec 2011 01:42:40 GMT

    [ https://issues.apache.org/jira/browse/HDFS-2617?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13161352#comment-13161352
] 

Aaron T. Myers commented on HDFS-2617:
--------------------------------------

Hey Jakob, I think getting rid of KSSL (e.g. replacing it with SPNEGO) would be a huge improvement.
But, I'd like to propose an alternate design which should be just as secure, and potentially
simpler to implement.

Given that a checkpoint by the 2NN already has to do a few RPCs before the transfer of the
fsimage/edits (to, e.g. initiate an edits log roll), we could easily generate a shared secret
token between the NN and 2NN in this RPC, which then could be included as a URL parameter
during the fsimage/edits transfers over HTTP. I suspect this will be easier to implement,
is just as secure as SPNEGO/KSSL since when security is enabled the RPCs creating the secret
token will be authenticated, and has the advantage of making checkpoints execute the same
code paths with or without security enabled.

Thoughts?
                
> Replaced Kerberized SSL for image transfer and fsck with SPNEGO-based solution
> ------------------------------------------------------------------------------
>
>                 Key: HDFS-2617
>                 URL: https://issues.apache.org/jira/browse/HDFS-2617
>             Project: Hadoop HDFS
>          Issue Type: Improvement
>            Reporter: Jakob Homan
>            Assignee: Jakob Homan
>
> The current approach to secure and authenticate nn web services is based on Kerberized
SSL and was developed when a SPNEGO solution wasn't available. Now that we have one, we can
get rid of the non-standard KSSL and use SPNEGO throughout.  This will simplify setup and
configuration.  Also, Kerberized SSL is a non-standard approach with its own quirks and dark
corners (HDFS-2386).

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message