[jira] [Commented] (DRILL-4335) Apache Drill should support network encryption

Wed, 05 Apr 2017 15:21:07 -0700 

    [ 
https://issues.apache.org/jira/browse/DRILL-4335?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15957890#comment-15957890
 ] 

ASF GitHub Bot commented on DRILL-4335:
---------------------------------------

Github user sudheeshkatkam commented on a diff in the pull request:

    https://github.com/apache/drill/pull/773#discussion_r109745391
  
    --- Diff: 
exec/java-exec/src/main/java/org/apache/drill/exec/rpc/security/AuthenticationOutcomeListener.java
 ---
    @@ -120,19 +121,22 @@ public void success(SaslMessage value, ByteBuf 
buffer) {
               new SaslException("Server sent a corrupt message.")));
         } else {
           try {
    -        final SaslChallengeContext context = new 
SaslChallengeContext(value, connection.getSaslClient(), ugi);
    -
    +        final SaslChallengeContext<C> context = new 
SaslChallengeContext<>(value, ugi, connection);
             final SaslMessage saslResponse = processor.process(context);
     
             if (saslResponse != null) {
               client.send(new AuthenticationOutcomeListener<>(client, 
connection, saslRpcType, ugi, completionListener),
                   connection, saslRpcType, saslResponse, SaslMessage.class,
    -              true /** the connection will not be backed up at this point 
*/);
    +              true /* the connection will not be backed up at this point 
*/);
             } else {
               // success
               completionListener.success(null, null);
    +          logger.trace("Successfully authenticated to server using {} 
mechanism and encryption context: {}",
    --- End diff --
    
    `if (logger.isTraceEnabled())`


> Apache Drill should support network encryption
> ----------------------------------------------
>
>                 Key: DRILL-4335
>                 URL: https://issues.apache.org/jira/browse/DRILL-4335
>             Project: Apache Drill
>          Issue Type: New Feature
>            Reporter: Keys Botzum
>            Assignee: Sorabh Hamirwasia
>              Labels: security
>         Attachments: ApacheDrillEncryptionUsingSASLDesign.pdf
>
>
> This is clearly related to Drill-291 but wanted to make explicit that this 
> needs to include network level encryption and not just authentication. This 
> is particularly important for the client connection to Drill which will often 
> be sending passwords in the clear until there is encryption.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Reply via email to