[KUDU-1924] Client can provide more information during auth mechanism negotiation - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Open
Priority: Minor
Resolution: Unresolved
Affects Version/s: 1.3.0
Fix Version/s: None
Component/s: rpc, security
Labels:
None

Target Version/s:

Backlog

Description

Currently, the client exposes its available auth mechanisms by just listing their types, with no further information. Instead, it could provide supplemental info such as the key sequence number that signed its token, and the fingerprint of the CA cert that signed its certificate. The server could then know not to try negotiating a mechanism that is known to fail (and instead fall back to GSSAPI, for example).

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Todd Lipcon

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 09/Mar/17 23:13

Updated:: 09/Mar/17 23:13