Change RPC to provide secure communication ------------------------------------------
Key: HADOOP-2182 URL: https://issues.apache.org/jira/browse/HADOOP-2182 Project: Hadoop Issue Type: New Feature Reporter: Tsz Wo (Nicholas), SZE In the current version of RPC, there is no authentication or data protection. We propose to change the RPC framework, so that secure communication is possible. The new RPC should: - Compatible with current RPC - Allow a pluggable security implementations (see HADOOP-1701) - Support both secure and non-secure modes. Here is a rough idea: - Store security information (e.g. username, keys) in a ticket - Use the ticket to establish a RPC connection - Create secure sockets by the (subclass of) SocketFactory corresponding to the selected security implementations - Send the data and RPC parameters with the secure sockets When authentication is supported, the RPC callee should also initialize caller information during RPC setup and execute the RPC on the caller's behalf. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.