[
https://issues.apache.org/jira/browse/HADOOP-10211?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13902031#comment-13902031
]
Daryn Sharp commented on HADOOP-10211:
--------------------------------------
Why catch and silently ignore IllegalArgumentException? The user wants privacy
or integrity, but typos it, it's not very secure to silently fallback to none.
I'd let the exception be thrown.
> Enable RPC protocol to negotiate SASL-QOP values between clients and servers
> ----------------------------------------------------------------------------
>
> Key: HADOOP-10211
> URL: https://issues.apache.org/jira/browse/HADOOP-10211
> Project: Hadoop Common
> Issue Type: Improvement
> Components: security
> Affects Versions: 2.2.0
> Reporter: Benoy Antony
> Assignee: Benoy Antony
> Attachments: HADOOP-10211.patch, HADOOP-10211.patch,
> HADOOP-10211.patch, HADOOP-10211.patch, HADOOP-10221.sample
>
>
> SASL allows different types of protection are referred to as the quality of
> protection (qop). It is negotiated between the client and server during the
> authentication phase of the SASL exchange. Currently hadoop allows specifying
> a single QOP value via _hadoop.rpc.protection_.
> The enhancement enables a user to specify multiple QOP values -
> _authentication_, _integrity_, _privacy_ as a comma separated list via
> _hadoop.rpc.protection_
> The client and server can have different set of values for
> _hadoop.rpc.protection_ and they will negotiate to determine the QOP to be
> used for communication.
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)
