Details
-
New Feature
-
Status: Open
-
Major
-
Resolution: Unresolved
-
None
-
None
-
None
Description
As components of the hadoop ecosystem implement security (Kerberos in HDFS, Zookeeper, etc.) connecting to these resources requires similar capabilities. Candidates for securing include:
1. Configurable/pluggable authentication for Blur Thrift connections.
2. Configurable/pluggable authentication/authorization for Blur calls.
3. Configurable/pluggable authentication/authorization for ZooKeeper calls.
4. Configurable/pluggable authentication/authorization for Hadoop calls.
Attachments
1.
|
Create a factory pattern for setting up Blur Thrift connections | Closed | Unassigned | ||
2.
|
Blur user authentication | Closed | Unassigned | ||
3.
|
Allow for SASL ZooKeeper setup | Open | Unassigned | ||
4.
|
Allow for secure HDFS setup | Open | Unassigned |
The code is not fully tested, but SASL has been integrated in both the server side and client side logic.
https://github.com/apache/incubator-blur/commit/8674d9dcfe0456c07592ef9fd7ad344de0726cde