Uploaded image for project: 'Flink'
  1. Flink
  2. FLINK-11271 Improvement to Kerberos Security
  3. FLINK-11589

Introduce service provider pattern for user to dynamically load SecurityFactory classes

    Details

      Description

      Currently there are only 3 security modules in Flink - Hadoop, Zookeeper and JaaS, all of which are pre-loaded to the Flink security runtime with one hard-coded path for instantiating SecurityContext, which is used invoke use code with PrivilegedExceptionAction.

      We propose to introduce a service provider pattern to allow users to dynamically load SecurityModuleFactory or even introduce a new SecurityContextFactory so that security runtime modules/context can be set by dynamically loading any 3rd party JAR. The discover or these modules are currently designed to go through property configurations.

      This is especially useful in a corporate environment where proprietary security technologies are involved.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                walterddr Rong Rong
                Reporter:
                walterddr Rong Rong
              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:

                  Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 10m
                  10m