[HADOOP-10057] Add ability in Hadoop servers (Namenode, JobTracker, Datanode ) to support multiple QOP (Authentication , Privacy) simultaneously - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Major
Resolution: Won't Do
Affects Version/s: 1.2.1
Fix Version/s: None
Component/s: None
Labels:
None

Description

Add ability in Hadoop servers (Namenode, JobTracker Datanode ) to support multiple QOP (Authentication , Privacy) simlutaneously

Hadoop Servers currently support only one QOP(quality of protection)for the whole cluster.
We want Hadoop servers to support multiple QOP at the same time.
The logic used to determine the QOP should be pluggable.
This will enable hadoop servers to communicate with different types of clients with different QOP.

A sample usecase:
Let each Hadoop server support two QOP .
1. Authentication
2. Privacy (Privacy includes Authentication) .
The Hadoop servers and internal clients require to do Authentication only without incurring cost of encryption. External clients use Privacy.

An ip-whitelist logic to determine the QOP is provided and used as the default QOP resolution logic.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

hadoop-10057-branch-1.2.patch
17/Oct/13 21:52
53 kB
Benoy Antony
HADOOP-10057.pdf
18/Oct/13 21:50
75 kB
Benoy Antony

Issue Links

depends upon

HDFS-5290 Port Encryption Support in DataTransfer protocol to Hadoop 1

Resolved

is related to

HADOOP-9709 Add ability in Hadoop servers (Namenode, Datanode, ResourceManager ) to support multiple QOP (Authentication , Privacy)

Resolved

relates to

HADOOP-10211 Enable RPC protocol to negotiate SASL-QOP values between clients and servers

Closed

Activity

People

Assignee:: Benoy Antony

Reporter:: Benoy Antony

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Created:: 17/Oct/13 21:47

Updated:: 16/Oct/17 19:45

Resolved:: 16/Oct/17 19:45