zookeeper-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Matteo Bertozzi (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (ZOOKEEPER-1497) Allow server-side SASL login with JAAS configuration to be programmatically set (rather than only by reading JAAS configuration file)
Date Wed, 01 Aug 2012 18:22:04 GMT

    [ https://issues.apache.org/jira/browse/ZOOKEEPER-1497?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13426794#comment-13426794
] 

Matteo Bertozzi commented on ZOOKEEPER-1497:
--------------------------------------------

The patch is on Review board if someone want to add some inline comments
https://reviews.apache.org/r/6290
                
> Allow server-side SASL login with JAAS configuration to be programmatically set (rather
than only by reading JAAS configuration file)
> -------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: ZOOKEEPER-1497
>                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-1497
>             Project: ZooKeeper
>          Issue Type: Improvement
>          Components: server
>    Affects Versions: 3.4.3, 3.5.0
>            Reporter: Matteo Bertozzi
>            Assignee: Matteo Bertozzi
>              Labels: security
>         Attachments: ZOOKEEPER-1497-v1.patch, ZOOKEEPER-1497-v2.patch, ZOOKEEPER-1497-v3.patch
>
>
> Currently the CnxnFactory checks for "java.security.auth.login.config" to decide whether
or not enable SASL.
> * zookeeper/server/NIOServerCnxnFactory.java
> * zookeeper/server/NettyServerCnxnFactory.java
> ** configure() checks for "java.security.auth.login.config"
> *** If present start the new Login("Server", SaslServerCallbackHandler(conf))
> But since the SaslServerCallbackHandler does the right thing just checking if getAppConfigurationEntry()
is empty, we can allow SASL with JAAS configuration to be programmatically just checking weather
or not a configuration entry is present instead of "java.security.auth.login.config".
> (Something quite similar was done for the SaslClient in ZOOKEEPER-1373)

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message