[ https://issues.apache.org/jira/browse/GIRAPH-211?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13433994#comment-13433994 ]
Avery Ching commented on GIRAPH-211: ------------------------------------ Eugene, this is a nice start! A few comments/questions about the limitations: >-Authorization is not done: that is, clients are authenticated but there are >no restrictions on their ability to do RPC on the servers. Can't we block until the authentication is done? >-Clients should wait for authentication before trying to do RPC - once >authorization (see above) is done, they might encounter a race where they try >to do RPCs without yet being authenticated. Same question as above? >-Not tested on other than hadoop 2.0.1-SNAPSHOT Would probably be nice to try on a hadoop 1.0.x if you have a chance. >-Only works if we disable client-side channel-pooling (GIRAPH-289) and local >short-circuiting of RPCs (GIRAPH-262) - these should be configurable but >currently, I hard-wired both to be disabled. I think it's reasonable to allow short-circuiting since there isn't a security issue here (this is the same process). As for channel pooling, can we simply authenticate once per channel? > Add secure authentication to Netty IPC > -------------------------------------- > > Key: GIRAPH-211 > URL: https://issues.apache.org/jira/browse/GIRAPH-211 > Project: Giraph > Issue Type: Improvement > Reporter: Eugene Koontz > Assignee: Eugene Koontz > Fix For: 0.2.0 > > Attachments: GIRAPH-211.patch, GIRAPH-211-proposal.txt > > > Gianmarco De Francisci Morales asked on the user list: > bq. I am getting the exception in the subject when running my giraph program > bq. on a cluster with Kerberos authentication. > This leads to the idea of having Kerberos authentication supported within > GIRAPH. Hopefully it would use our fast GIRAPH-37 IPC, but could also > interoperate with Hadoop security. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira