[
https://issues.apache.org/jira/browse/HADOOP-6419?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12828731#action_12828731
]
Allen Wittenauer commented on HADOOP-6419:
------------------------------------------
bq. Does it matter that we don't allow server principals like "a...@b.org" and
insist on "a/c...@b.org"? Does SASL insist on it? It is certainly the standard
practice, but we are forcing it as a requirement.
IMO, I do not think Hadoop should force it as a requirement.
> Change RPC layer to support SASL based mutual authentication
> ------------------------------------------------------------
>
> Key: HADOOP-6419
> URL: https://issues.apache.org/jira/browse/HADOOP-6419
> Project: Hadoop Common
> Issue Type: New Feature
> Components: security
> Reporter: Kan Zhang
> Assignee: Kan Zhang
> Attachments: c6419-26.patch, c6419-39.patch, c6419-45.patch,
> c6419-66.patch, c6419-67.patch, c6419-69.patch, c6419-70.patch,
> c6419-72.patch, c6419-73.patch
>
>
> The authentication mechanism to use will be SASL DIGEST-MD5 (see RFC-2222 and
> RFC-2831) or SASL GSSAPI/Kerberos. Since J2SE 5, Sun provides a SASL
> implementation by default. Both our delegation token and job token can be
> used as credentials for SASL DIGEST-MD5 authentication.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
