[ https://issues.apache.org/jira/browse/GIRAPH-211?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Eugene Koontz updated GIRAPH-211: --------------------------------- Attachment: GIRAPH-211.patch Avery, modified your patch to fix one problem: a NPE in NettyClient.sendWritableRequest() when the supplied destWorkerId param is null. This null param happens when requests are made to the master when sendWritableRequest() is called by NettyClient.authenticateOnChannel(). With Avery's fix for GIRAPH-360, we associate each request with the taskId of the worker that is making the request, and use a pair <taskid,requestid> as the key for tracking requests in the clientRequestIdRequestInfoMap. However, the Giraph master is not associated with a taskId, and so its taskid is null. It wouldn't be a problem that the master has a null task id for normal Giraph requests, but for authentication, workers need to authenticate with the master just as they must do with the other workers. This patch works around the problem by simply not registering authentication requests (requests with type=SASL_TOKEN_MESSAGE_REQUEST) with the clientRequestIdRequestInfoMap. In other words, it's another workaround like the "-2" presence in my previous patches. I know this is not ideal, but I wanted to keep the momentum going for this JIRA. Rather than this workaround, I thought a possible solution would be a separate client-side pipeline component that handles request tracking. We'd move the clientRequestIdRequestInfoMap into this component, which would handles the tracking functionality that currently is spread across NettyClient.sendWritableRequest(), .waitAllRequests(), and ResponseClientHandler.messageReceived(). Or, maybe I'm missing something obvious and easy :) Tested this patch successfully with: {code} mvn -Phadoop_non_secure clean verify && mvn -Phadoop_0.20.203 clean verify && mvn -Phadoop_1.0 clean verify && mvn -Phadoop0.23 clean verify && mvn -Phadoop_2.0.0 clean verify && mvn -Phadoop_2.0.1 clean verify && mvn -Phadoop_2.0.2 clean verify {code} > Add secure authentication to Netty IPC > -------------------------------------- > > Key: GIRAPH-211 > URL: https://issues.apache.org/jira/browse/GIRAPH-211 > Project: Giraph > Issue Type: Improvement > Reporter: Eugene Koontz > Assignee: Eugene Koontz > Fix For: 0.2.0 > > Attachments: GIRAPH-211.2.patch, GIRAPH-211.3.patch, > GIRAPH-211.4.patch, GIRAPH-211.patch, GIRAPH-211.patch, GIRAPH-211.patch, > GIRAPH-211.patch, GIRAPH-211.patch, GIRAPH-211.patch, GIRAPH-211.patch, > GIRAPH-211.patch, GIRAPH-211.patch, GIRAPH-211.patch, GIRAPH-211-proposal.txt > > > Gianmarco De Francisci Morales asked on the user list: > bq. I am getting the exception in the subject when running my giraph program > bq. on a cluster with Kerberos authentication. > This leads to the idea of having Kerberos authentication supported within > GIRAPH. Hopefully it would use our fast GIRAPH-37 IPC, but could also > interoperate with Hadoop security. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira