Dan Burkert has posted comments on this change. Change subject: [security] tailored TokenSigner for system catalog ......................................................................
Patch Set 15: > Checkout server_base.h, it's grown a TokenVerifier field. In the master, > we'll want to use the TokenVerifier internal to this TokenSigner, while on > the tablet server, we'll want to use a standalone one. Not sure the best way > to do that, but it needs to be solved, otherwise the RPC system on the master > won't be able to verify tokens. Todd and I just discussed this offline. Looks like the best route is to make a virtual method getters for the TokenVerifier on ServerBase, and then master can implement those through the TokenSigner, and tserver can implement them through a new TokenVerifier field. The existing TokenVerifier field on ServerBase can be removed. -- To view, visit http://gerrit.cloudera.org:8080/5930 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-MessageType: comment Gerrit-Change-Id: Ie2417e2ccba6a1114db366b2f642f95362bf479c Gerrit-PatchSet: 15 Gerrit-Project: kudu Gerrit-Branch: master Gerrit-Owner: Alexey Serbin <aser...@cloudera.com> Gerrit-Reviewer: Alexey Serbin <aser...@cloudera.com> Gerrit-Reviewer: Dan Burkert <danburk...@apache.org> Gerrit-Reviewer: Kudu Jenkins Gerrit-Reviewer: Tidy Bot Gerrit-Reviewer: Todd Lipcon <t...@apache.org> Gerrit-HasComments: No