[
https://issues.apache.org/jira/browse/HADOOP-10211?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13923216#comment-13923216
]
Chris Nauroth commented on HADOOP-10211:
----------------------------------------
This change accidentally broke backwards-compatibility with some existing
configs. I filed blocker bug HADOOP-10391.
> Enable RPC protocol to negotiate SASL-QOP values between clients and servers
> ----------------------------------------------------------------------------
>
> Key: HADOOP-10211
> URL: https://issues.apache.org/jira/browse/HADOOP-10211
> Project: Hadoop Common
> Issue Type: Improvement
> Components: security
> Affects Versions: 2.2.0
> Reporter: Benoy Antony
> Assignee: Benoy Antony
> Fix For: 3.0.0, 2.4.0
>
> Attachments: HADOOP-10211.patch, HADOOP-10211.patch,
> HADOOP-10211.patch, HADOOP-10211.patch, HADOOP-10211.patch,
> HADOOP-10221.sample
>
>
> SASL allows different types of protection are referred to as the quality of
> protection (qop). It is negotiated between the client and server during the
> authentication phase of the SASL exchange. Currently hadoop allows specifying
> a single QOP value via _hadoop.rpc.protection_.
> The enhancement enables a user to specify multiple QOP values -
> _authentication_, _integrity_, _privacy_ as a comma separated list via
> _hadoop.rpc.protection_
> The client and server can have different set of values for
> _hadoop.rpc.protection_ and they will negotiate to determine the QOP to be
> used for communication.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
