hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Chen Liang (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HDFS-13617) Allow wrapping NN QOP into token in encrypted message
Date Mon, 28 Jan 2019 23:48:00 GMT

    [ https://issues.apache.org/jira/browse/HDFS-13617?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16754450#comment-16754450
] 

Chen Liang commented on HDFS-13617:
-----------------------------------

Sorry for being late on getting back to this. Thanks [~shv] for the review! post v006 patch
to address the comments. I change to leverage encryption method from {{SecretManager}} instead
of doing in {{NameNodeRpcServer}} as suggested.  

I did not make change for #6 though. It requires additional refactoring to make certain methods
static. More importantly, I found it difficult to make it work with parameterized test. As
certain variable used in setup() are set during initialization due to parameterized test,
but tagging setup() with beforeClass means setup() happen before initialization.

> Allow wrapping NN QOP into token in encrypted message
> -----------------------------------------------------
>
>                 Key: HDFS-13617
>                 URL: https://issues.apache.org/jira/browse/HDFS-13617
>             Project: Hadoop HDFS
>          Issue Type: Sub-task
>            Reporter: Chen Liang
>            Assignee: Chen Liang
>            Priority: Major
>         Attachments: HDFS-13617.001.patch, HDFS-13617.002.patch, HDFS-13617.003.patch,
HDFS-13617.004.patch, HDFS-13617.005.patch, HDFS-13617.006.patch
>
>
> This Jira allows NN to configurably wrap the QOP it has established with the client
into the token message sent back to the client. The QOP is sent back in encrypted message,
using BlockAccessToken encryption key as the key.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: hdfs-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: hdfs-issues-help@hadoop.apache.org


Mime
View raw message