Github user vijikarthi commented on the issue:
https://github.com/apache/flink/pull/2425
@StephanEwen, @mxm I have updated the documentation changes as suggested,
moved common code from BlobUtils to SecurityContext, added new ConfigOptions
class for security configurations lookup.
>
The cookie is added to every single message/buffer that is transferred.
That is too much - securing the integrity of the stream is responsibility of
the encryption layer. The cookie should be added to requests messages that
establish connections only.
I have added a new handler code to front load the secure cookie validation.
These handlers are added to both `NettyServer` and `NettyClient` pipeline right
after the SSL handler is added. I still kept the original code that passes
cookie for every message (will remove the logic if you are okay with the
handler implementation)
Please review and let me know your feedback.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---
