hadoop-zookeeper-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mahadev Konar <maha...@yahoo-inc.com>
Subject Re: Authentification for Zookeeper Server
Date Wed, 17 Jun 2009 16:27:25 GMT
Hi David, 
 Good question. You can set acls on the root. There is a minor bug related
to it (though its easy to get around it).

The jira is
http://issues.apache.org/jira/browse/ZOOKEEPER-433

The bug is that ZooKeeper does not allow you to do a get acl on the root if
it has not been set. You will still be able to set acl on the root and then
do a getacl with the right auth but just that a get acl on a raw root node
without any acl's being set by admin/user fails.

Hope that helps
mahadev 


On 6/17/09 12:56 AM, "David Graf" <david.graf@28msec.com> wrote:

> Hello
> 
> Thanks a lot for the answers!
> 
> Due to the fact that I am running my ZooKeeper servers and clients on
> Amazon EC2 instances, using the ec2 Security Groups might be the best
> choice.
> 
> Nevertheless, I have a question concerning the authentification on the
> znode level. How is it possible to prevent clients creating node on
> the root level? Is it also possible to set an ACL on the root
> (although the root is not created by a client)?
> 
> David


Mime
View raw message