zookeeper-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Rakesh R (JIRA)" <j...@apache.org>
Subject [jira] [Created] (ZOOKEEPER-2793) [QP MutualAuth]: Build a mechanism to build "authzHosts" for dynamic reconfig servers
Date Mon, 29 May 2017 09:38:04 GMT
Rakesh R created ZOOKEEPER-2793:
-----------------------------------

             Summary: [QP MutualAuth]: Build a mechanism to build "authzHosts" for dynamic
reconfig servers
                 Key: ZOOKEEPER-2793
                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2793
             Project: ZooKeeper
          Issue Type: Sub-task
            Reporter: Rakesh R


{{QuorumServer}} will do the authorization checks against configured authorized hosts. During
LE, QuorumLearner will send an authentication packet to QuorumServer. Now, QuorumServer will
check that the connecting QuorumLearner’s hostname exists in the authorized hosts. If not
exists then connecting peer is not authorized to join this ensemble and the request will be
rejected immediately. 

In {{branch-3.4}} building {{authzHosts}} list is pretty straight forward, can use the ensemble
server details in zoo.cfg file. But with dynamic reconfig, it has to consider the dynamic
add/remove/update servers and need to discuss the ways to handle dynamic cases.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Mime
View raw message