giraph-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Eugene Koontz (JIRA)" <>
Subject [jira] [Commented] (GIRAPH-211) Add secure authentication to Netty IPC
Date Tue, 18 Sep 2012 18:08:08 GMT


Eugene Koontz commented on GIRAPH-211:

My apologies for the delay. I am in the final stages : getting it to compile on all supported
Hadoop versions and fixing checkstyle errors. I have the SASL code implemented as a ChannelHandler
as we discussed. Here's what the pipeline looks like on the client side, showing both authenticated
and non-authenticated cases:

   // Set up the pipeline factory.
    bootstrap.setPipelineFactory(new ChannelPipelineFactory() {
      public ChannelPipeline getPipeline() throws Exception {
        if (conf.getBoolean(GiraphJob.AUTHENTICATE,
            GiraphJob.DEFAULT_AUTHENTICATE)) {
"Using Netty with authentication.");

          // Our pipeline starts with just byteCounter, and then we use
          // addAfter() to incrementally add pipeline elements, so that we can
          // name them for identification for removal or replacement after
          // client is authenticated by server.
          ChannelPipeline pipeline = Channels.pipeline(

          // After authentication finishes, the following is replaced with
          // FixedLengthFrameDecoder (as in non-auth pipeline below):
              new LengthFieldBasedFrameDecoder(1024, 0, 4, 0, 4));

          pipeline.addLast("request-encoder", new RequestEncoder());

          // After authentication finishes, the following is removed:
              new SaslClientHandler(conf));

              new ResponseClientHandler(clientRequestIdRequestInfoMap, conf));
          return pipeline;
        } else {
"Using Netty without authentication.");
          return Channels.pipeline(
              new FixedLengthFrameDecoder(RequestServerHandler.RESPONSE_BYTES),
              new RequestEncoder(),
              new ResponseClientHandler(clientRequestIdRequestInfoMap, conf));
> Add secure authentication to Netty IPC
> --------------------------------------
>                 Key: GIRAPH-211
>                 URL:
>             Project: Giraph
>          Issue Type: Improvement
>            Reporter: Eugene Koontz
>            Assignee: Eugene Koontz
>             Fix For: 0.2.0
>         Attachments: GIRAPH-211.patch, GIRAPH-211.patch, GIRAPH-211.patch, GIRAPH-211.patch,
GIRAPH-211.patch, GIRAPH-211.patch, GIRAPH-211-proposal.txt
> Gianmarco De Francisci Morales asked on the user list:
> bq. I am getting the exception in the subject when running my giraph program
> bq. on a cluster with Kerberos authentication.
> This leads to the idea of having Kerberos authentication supported within GIRAPH. Hopefully
it would use our fast GIRAPH-37 IPC, but could also interoperate with Hadoop security.

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see:

View raw message