zookeeper-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From sriramch <...@git.apache.org>
Subject [GitHub] zookeeper pull request #418: [zookeeper-2937] disallow client requests witho...
Date Mon, 20 Nov 2017 23:40:50 GMT
Github user sriramch commented on a diff in the pull request:

    --- Diff: src/java/main/org/apache/zookeeper/server/auth/ProviderRegistry.java ---
    @@ -87,4 +113,10 @@ public static String listProviders() {
             return sb.toString();
    +    public static SortedSet<String> getSchemesRequiringAuth() {
    --- End diff --
    by 'user', i take it that you mean the client that is connecting/transacting with zookeeper
(or is it the auth provider that you are referring to). typically, it is the server that decides
what kind of security/auth policy needs to be in place for the client to connect/transact
with it. if the clients can present those credentials, then we let it connect; else, reject
it, if the auth provider *requires* the clients to authenticate with it before transacting.
the auth provider may not have even been loaded to begin with, if we let the clients choose
which schemes needs to be verified. 


View raw message