[ https://issues.apache.org/jira/browse/FLINK-3929?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15403938#comment-15403938 ]
ASF GitHub Bot commented on FLINK-3929: --------------------------------------- Github user mxm commented on the issue: https://github.com/apache/flink/pull/2275 > Yes, it is not essential to run the secure test case all the time as it consumes more cycles. Do you have any suggestion on controlling this through some mvn/surefire plugin configuration? I would suggest that we keep three integration test classes for testing security: 1. Kafka (with Zookeeper) 2. HDFS 3. Yarn In addition, we need a unit test to verify that the security context is correctly set up. I think we're covered then and don't need any more tests. After all, tests that are disabled by default and we almost never run are not very useful. >It is little overhead but works out well with minimal changes to the code. We could revisit and make any changes if it creates any issues. I would really like to move all security testing code to a utility class and call this code through `@AfterClass` and `@BeforeClass` methods. If that is fine with you. This is simpler and easier to understand than the custom runner implementation. >I believe you are referring to the https://ci.apache.org/projects/flink/flink-docs-master/setup/config.html. If so, yes it certainly helps and I will be happy to add the details but I don't have access to edit the page. You can actually change this page in the repository at [/docs/setup/config.md](/apache/flink/blob/master/docs/setup/config.md). Concerning `SASL_PLAINTEXT`: I suppose we're making an effort to encrypt the authentication channel in the changes according to the security document? For now this seems fine. > Support for Kerberos Authentication with Keytab Credential > ---------------------------------------------------------- > > Key: FLINK-3929 > URL: https://issues.apache.org/jira/browse/FLINK-3929 > Project: Flink > Issue Type: New Feature > Reporter: Eron Wright > Assignee: Vijay Srinivasaraghavan > Labels: kerberos, security > Original Estimate: 672h > Remaining Estimate: 672h > > _This issue is part of a series of improvements detailed in the [Secure Data > Access|https://docs.google.com/document/d/1-GQB6uVOyoaXGwtqwqLV8BHDxWiMO2WnVzBoJ8oPaAs/edit?usp=sharing] > design doc._ > Add support for a keytab credential to be associated with the Flink cluster, > to facilitate: > - Kerberos-authenticated data access for connectors > - Kerberos-authenticated ZooKeeper access > Support both the standalone and YARN deployment modes. > -- This message was sent by Atlassian JIRA (v6.3.4#6332)