[
https://issues.apache.org/jira/browse/STORM-885?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15018715#comment-15018715
]
ASF GitHub Bot commented on STORM-885:
--------------------------------------
Github user d2r commented on a diff in the pull request:
https://github.com/apache/storm/pull/838#discussion_r45513917
--- Diff:
storm-core/src/jvm/backtype/storm/messaging/netty/SaslNettyServer.java ---
@@ -35,127 +35,124 @@
class SaslNettyServer {
- private static final Logger LOG = LoggerFactory
- .getLogger(SaslNettyServer.class);
-
- private SaslServer saslServer;
-
- SaslNettyServer(String topologyName, byte[] token) throws IOException {
- LOG.debug("SaslNettyServer: Topology token is: " + topologyName
- + " with authmethod " +
SaslUtils.AUTH_DIGEST_MD5);
-
- try {
-
- SaslDigestCallbackHandler ch = new
SaslNettyServer.SaslDigestCallbackHandler(
- topologyName, token);
-
- saslServer =
Sasl.createSaslServer(SaslUtils.AUTH_DIGEST_MD5, null,
- SaslUtils.DEFAULT_REALM,
SaslUtils.getSaslProps(), ch);
-
- } catch (SaslException e) {
- LOG.error("SaslNettyServer: Could not create
SaslServer: " + e);
- }
-
- }
-
- public boolean isComplete() {
- return saslServer.isComplete();
- }
-
- public String getUserName() {
- return saslServer.getAuthorizationID();
- }
-
- /** CallbackHandler for SASL DIGEST-MD5 mechanism */
- public static class SaslDigestCallbackHandler implements
CallbackHandler {
-
- /** Used to authenticate the clients */
- private byte[] userPassword;
- private String userName;
-
- public SaslDigestCallbackHandler(String topologyName, byte[]
token) {
- LOG.debug("SaslDigestCallback: Creating
SaslDigestCallback handler "
- + "with topology token: " +
topologyName);
- this.userName = topologyName;
- this.userPassword = token;
- }
-
- @Override
- public void handle(Callback[] callbacks) throws IOException,
- UnsupportedCallbackException {
- NameCallback nc = null;
- PasswordCallback pc = null;
- AuthorizeCallback ac = null;
-
- for (Callback callback : callbacks) {
- if (callback instanceof AuthorizeCallback) {
- ac = (AuthorizeCallback) callback;
- } else if (callback instanceof NameCallback) {
- nc = (NameCallback) callback;
- } else if (callback instanceof
PasswordCallback) {
- pc = (PasswordCallback) callback;
- } else if (callback instanceof RealmCallback) {
- continue; // realm is ignored
- } else {
- throw new
UnsupportedCallbackException(callback,
- "handle: Unrecognized
SASL DIGEST-MD5 Callback");
- }
- }
-
- if (nc != null) {
- LOG.debug("handle: SASL server DIGEST-MD5
callback: setting "
- + "username for client: " +
userName);
-
- nc.setName(userName);
- }
-
- if (pc != null) {
- char[] password =
SaslUtils.encodePassword(userPassword);
-
- LOG.debug("handle: SASL server DIGEST-MD5
callback: setting "
- + "password for client: " +
userPassword);
-
- pc.setPassword(password);
- }
- if (ac != null) {
-
- String authid = ac.getAuthenticationID();
- String authzid = ac.getAuthorizationID();
-
- if (authid.equals(authzid)) {
- ac.setAuthorized(true);
- } else {
- ac.setAuthorized(false);
- }
-
- if (ac.isAuthorized()) {
- LOG.debug("handle: SASL server
DIGEST-MD5 callback: setting "
- + "canonicalized client
ID: " + userName);
- ac.setAuthorizedID(authzid);
- }
- }
- }
- }
-
- /**
- * Used by SaslTokenMessage::processToken() to respond to server SASL
- * tokens.
- *
- * @param token
- * Server's SASL token
- * @return token to send back to the server.
- */
- public byte[] response(byte[] token) {
- try {
- LOG.debug("response: Responding to input token of
length: "
- + token.length);
- byte[] retval = saslServer.evaluateResponse(token);
- LOG.debug("response: Response token length: " +
retval.length);
- return retval;
- } catch (SaslException e) {
- LOG.error("response: Failed to evaluate client token of
length: "
- + token.length + " : " + e);
- return null;
- }
- }
-}
\ No newline at end of file
+
--- End diff --
extra line
> Heartbeat Server (Pacemaker)
> ----------------------------
>
> Key: STORM-885
> URL: https://issues.apache.org/jira/browse/STORM-885
> Project: Apache Storm
> Issue Type: Improvement
> Components: storm-core
> Reporter: Robert Joseph Evans
> Assignee: Kyle Nusbaum
>
> Large highly connected topologies and large clusters write a lot of data into
> ZooKeeper. The heartbeats, that make up the majority of this data, do not
> need to be persisted to disk. Pacemaker is intended to be a secure
> replacement for storing the heartbeats without changing anything within the
> heartbeats. In the future as more metrics are added in, we may want to look
> into switching it over to look more like Heron, where a metrics server is
> running for each node/topology. And can be used to aggregate/per-aggregate
> them in a more scalable manor.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
