[jira] [Updated] (HADOOP-10221) Add a plugin to specify SaslProperties for RPC protocol based on connection properties

Thu, 03 Apr 2014 09:14:44 -0700 

     [ 
https://issues.apache.org/jira/browse/HADOOP-10221?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Benoy Antony updated HADOOP-10221:
----------------------------------

    Release Note: 
SaslPropertiesResolver  or its subclass is used to resolve the QOP used for a 
connection. The subclass can be specified via 
"hadoop.security.saslproperties.resolver.class" configuration property. If not 
specified, the full set of values specified in hadoop.rpc.protection is used 
while determining the QOP used for the  connection. If a class is specified, 
then the QOP values returned by the class will be used while determining the 
QOP used for the connection.

Note that this change, effectively removes SaslRpcServer.SASL_PROPS which was a 
public field. Any use of this variable outside hadoop should be replaced with 
the following code:
SaslPropertiesResolver saslPropsResolver = 
SaslPropertiesResolver.getInstance(conf);
Map<String, String> sasl_props = saslPropsResolver.getDefaultProperties()

  was:
SaslPropertiesResolver  or its subclass is used to resolve the QOP used for a 
connection. The subclass can be specified via 
"hadoop.security.saslproperties.resolver.class" configuration property. If not 
specified, the full set of values specified in hadoop.rpc.protection is used 
while determining the QOP used for the  connection. If a class is specified, 
then the QOP values returned by the class will be used while determining the 
QOP used for the connection.

Note that this change, effectively removes _SaslRpcServer.SASL_PROPS_ which was 
a public variable. Any use of this variable outside hadoop should be replaced 
with the following code:
SaslPropertiesResolver saslPropsResolver = 
SaslPropertiesResolver.getInstance(conf);
Map<String, String> sasl_props = saslPropsResolver.getDefaultProperties()


> Add a plugin to specify SaslProperties for RPC protocol based on connection 
> properties
> --------------------------------------------------------------------------------------
>
>                 Key: HADOOP-10221
>                 URL: https://issues.apache.org/jira/browse/HADOOP-10221
>             Project: Hadoop Common
>          Issue Type: Improvement
>          Components: security
>    Affects Versions: 2.2.0
>            Reporter: Benoy Antony
>            Assignee: Benoy Antony
>             Fix For: 3.0.0, 2.4.0
>
>         Attachments: HADOOP-10221.no-static.example, HADOOP-10221.patch, 
> HADOOP-10221.patch, HADOOP-10221.patch, HADOOP-10221.patch, 
> HADOOP-10221.patch, HADOOP-10221.patch, HADOOP-10221.patch, 
> HADOOP-10221.patch, HADOOP-10221.patch, HADOOP-10221.patch, HADOOP-10221.patch
>
>
> Add a plugin to specify SaslProperties for RPC protocol based on connection 
> properties.
> HADOOP-10211 enables client and server to specify and support multiple QOP.  
> Some connections needs to be restricted to a specific set of QOP based on 
> connection properties.
> Eg. connections from client from a specific subnet needs to be encrypted 
> (QOP=privacy)



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Reply via email to