[ https://issues.apache.org/jira/browse/HADOOP-8779?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13483342#comment-13483342 ]

Daryn Sharp commented on HADOOP-8779:
-------------------------------------

I think we're starting to over-engineer the issue at hand and bleeding 
requirements for other jiras like HADOOP-8758 into the design.  This jira has a 
different goal that happens to be a step in that direction, but this jira has a 
much simpler goal:  supporting tokens on "insecure" clusters.  I had hoped to 
eliminate all the conditional code paths for security and make SIMPLE behave no 
differently than other auth methods.  I feel we have become excessively bogged 
down trying to support SIMPLE with tokens (my initial goal) and w/o tokens 
(your goal).

A far simpler approach is supporting SASL's PLAIN mechanism.  It's basically 
hadoop's SIMPLE, but within the context of SASL.  The end result is that PLAIN 
will trigger all the {{isSecurityEnabled}} code w/o changing any of the 
behavior of SIMPLE.  The change becomes almost trivial because I won't have to 
touch the security conditionals in filesystems, mr, or yarn.

Then all we need is a conf key, such as the one in HADOOP-8965, to force 
clients (i.e. a task) to use a token instead of attempting an auth.  I don't 
feel we need to ponder multiple internal auths - tokens can be used with any 
external auth as this approach will demonstrate.  Users will get a clean error 
message from failed tasks such as "hey, you don't have a token!" instead of 
huge cryptic SASL exceptions.  I'd like to keep this change succinct and leave 
broader changes to other jiras.

Is this approach more palatable?  The only downside is that we still need to do 
dual testing for secure/insecure, which I'd hoped to eliminate...  But at least 
the pre-commits finally have the option to use PLAIN auth to test security.
                
> Use tokens regardless of authentication type
> --------------------------------------------
>
>                 Key: HADOOP-8779
>                 URL: https://issues.apache.org/jira/browse/HADOOP-8779
>             Project: Hadoop Common
>          Issue Type: New Feature
>          Components: fs, security
>    Affects Versions: 3.0.0, 2.0.2-alpha
>            Reporter: Daryn Sharp
>            Assignee: Daryn Sharp
>
> Security is a combination of authentication and authorization (tokens).  
> Authorization may be granted independently of the authentication model.  
> Tokens should be used regardless of simple or kerberos authentication.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
