Change RPC to provide secure communication
------------------------------------------
Key: HADOOP-2182
URL: https://issues.apache.org/jira/browse/HADOOP-2182
Project: Hadoop
Issue Type: New Feature
Reporter: Tsz Wo (Nicholas), SZE
In the current version of RPC, there is no authentication or data protection.
We propose to change the RPC framework, so that secure communication is
possible.
The new RPC should:
- Compatible with current RPC
- Allow a pluggable security implementations (see HADOOP-1701)
- Support both secure and non-secure modes.
Here is a rough idea:
- Store security information (e.g. username, keys) in a ticket
- Use the ticket to establish a RPC connection
- Create secure sockets by the (subclass of) SocketFactory corresponding to the
selected security implementations
- Send the data and RPC parameters with the secure sockets
When authentication is supported, the RPC callee should also initialize caller
information during RPC setup and execute the RPC on the caller's behalf.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
