[jira] [Commented] (FLINK-3929) Support for Kerberos Authentication with Keytab Credential

[ASF GitHub Bot (JIRA)]

    [ 
https://issues.apache.org/jira/browse/FLINK-3929?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15402485#comment-15402485
 ] 

ASF GitHub Bot commented on FLINK-3929:
---------------------------------------

Github user vijikarthi commented on a diff in the pull request:

    https://github.com/apache/flink/pull/2275#discussion_r73020806
  
    --- Diff: 
flink-streaming-connectors/flink-connector-kafka-base/src/test/java/org/apache/flink/streaming/connectors/kafka/KafkaShortRetentionTestBase.java
 ---
    @@ -60,18 +64,33 @@
        private static Properties standardProps;
        private static ForkableFlinkMiniCluster flink;
     
    +   @ClassRule
    +   public static TemporaryFolder tempFolder = new TemporaryFolder();
    +
    +   protected static Properties secureProps = new Properties();
    +
        @BeforeClass
        public static void prepare() throws IOException, ClassNotFoundException 
{
                
LOG.info("-------------------------------------------------------------------------");
                LOG.info("    Starting KafkaShortRetentionTestBase ");
                
LOG.info("-------------------------------------------------------------------------");
     
    +           Configuration flinkConfig = new Configuration();
    +
                // dynamically load the implementation for the test
                Class<?> clazz = 
Class.forName("org.apache.flink.streaming.connectors.kafka.KafkaTestEnvironmentImpl");
                kafkaServer = (KafkaTestEnvironment) 
InstantiationUtil.instantiate(clazz);
     
                LOG.info("Starting KafkaTestBase.prepare() for Kafka " + 
kafkaServer.getVersion());
     
    +           LOG.info("Runtype: {}", RunTypeHolder.get());
    +           if(RunTypeHolder.get().equals(RunTypeHolder.RunType.SECURE)
    +                           && kafkaServer.isSecureRunSupported()) {
    +                   SecureTestEnvironment.prepare(tempFolder);
    +                   
SecureTestEnvironment.getSecurityEnabledFlinkConfiguration(flinkConfig);
    --- End diff --
    
    No. The passed config object will be populated with keytab and principal 
security configurations.


> Support for Kerberos Authentication with Keytab Credential
> ----------------------------------------------------------
>
>                 Key: FLINK-3929
>                 URL: https://issues.apache.org/jira/browse/FLINK-3929
>             Project: Flink
>          Issue Type: New Feature
>            Reporter: Eron Wright 
>            Assignee: Vijay Srinivasaraghavan
>              Labels: kerberos, security
>   Original Estimate: 672h
>  Remaining Estimate: 672h
>
> _This issue is part of a series of improvements detailed in the [Secure Data 
> Access|https://docs.google.com/document/d/1-GQB6uVOyoaXGwtqwqLV8BHDxWiMO2WnVzBoJ8oPaAs/edit?usp=sharing]
>  design doc._
> Add support for a keytab credential to be associated with the Flink cluster, 
> to facilitate:
> - Kerberos-authenticated data access for connectors
> - Kerberos-authenticated ZooKeeper access
> Support both the standalone and YARN deployment modes.
>  



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)