You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@hbase.apache.org by "guanyun (Jira)" <ji...@apache.org> on 2019/12/08 13:35:02 UTC
[jira] [Created] (HBASE-23477) CLONE - Implement secure native
client connection
guanyun created HBASE-23477:
-------------------------------
Summary: CLONE - Implement secure native client connection
Key: HBASE-23477
URL: https://issues.apache.org/jira/browse/HBASE-23477
Project: HBase
Issue Type: Sub-task
Reporter: guanyun
Assignee: Ted Yu
Fix For: HBASE-14850
Attachments: 17860.v2.txt, 17860.v21.txt, 17860.v3.txt, 17860.v4.txt, 17860.v43.txt
So far, the native client communicates with insecure cluster.
This JIRA is to add secure connection support for native client using Cyrus library.
The work is based on earlier implementation and is redone via wangle and folly frameworks.
Thanks to [~devaraj] who started the initiative.
Here is high level description of the design:
* SaslHandler is declared as:
{code}
class SaslHandler
: public wangle::HandlerAdapter<folly::IOBufQueue&, std::unique_ptr<folly::IOBuf>>{
{code}
It would be inserted between EventBaseHandler and LengthFieldBasedFrameDecoder in the pipeline (via RpcPipelineFactory::newPipeline())
* SaslHandler would intercept writes to server by buffering the IOBuf's and start the handshake process (via sasl_client_XX calls provided by Cyrus)
* after handshake is complete, SaslHandler would send the buffered IOBuf's to server and act as pass-thru from then on
--
This message was sent by Atlassian Jira
(v8.3.4#803005)