You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@spark.apache.org by "James Livingston (JIRA)" <ji...@apache.org> on 2014/09/16 06:32:34 UTC

[jira] [Created] (SPARK-3542) Akka protocol authentication in plaintext

James Livingston created SPARK-3542:
---------------------------------------

             Summary: Akka protocol authentication in plaintext
                 Key: SPARK-3542
                 URL: https://issues.apache.org/jira/browse/SPARK-3542
             Project: Spark
          Issue Type: Bug
    Affects Versions: 1.1.0
            Reporter: James Livingston


It is already noted in the SecurityManager API docs but when using the Akka communication protocol, SSL is not currently supported and credentials can (and often are) passed in plaintext.

Using one of the examples, you can add this and see "password" sent in plaintext via the akka.tcp protocol:
  conf.set("spark.authenticate", "true")
  conf.set("spark.authenticate.secret", "password")

It's obviously known, but worth having a jira to track.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@spark.apache.org
For additional commands, e-mail: issues-help@spark.apache.org