You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@storm.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2016/03/07 23:20:40 UTC

[jira] [Commented] (STORM-430) (Security) Allow netty SASL to support encryption/decryption

    [ https://issues.apache.org/jira/browse/STORM-430?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15183844#comment-15183844 ] 

ASF GitHub Bot commented on STORM-430:
--------------------------------------

Github user knusbaum commented on the pull request:

    https://github.com/apache/storm/pull/250#issuecomment-193481184
  
    @RaghavendraNandagopal 
    Closing this. We still like the functionality, so free to reopen if you have time to address the comments.


> (Security) Allow netty SASL to support encryption/decryption
> ------------------------------------------------------------
>
>                 Key: STORM-430
>                 URL: https://issues.apache.org/jira/browse/STORM-430
>             Project: Apache Storm
>          Issue Type: Improvement
>          Components: storm-core
>            Reporter: Robert Joseph Evans
>            Assignee: Raghavendra Nandagopal
>         Attachments: Storm-Netty Secure Layer.pdf
>
>
> SASL provides more then just authentication, it can also provide integraty guarantees.
> as described here http://docs.oracle.com/javase/7/docs/api/javax/security/sasl/Sasl.html#QOP
> and http://docs.oracle.com/javase/7/docs/technotes/guides/security/sasl/sasl-refguide.html
> In order to provide those guarantees encryption is used, and the wrap/unwrap methods for the SaslClient and Server must be used.  It would be great to support this for storm as well, allowing users to configure the level of security they want.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)