zookeeper-dev mailing list archives

From William Jardine <williamjardin...@gmail.com>
Subject ZK ACL question
Date Wed, 18 Jul 2018 14:36:59 GMT
Hey guys,

I'm using ZooKeeper and am curious about how it stores its ACL identities
created with the digest scheme, and am a bit confused by the website.
Hoping you can help me.

For example, if I do:

   - addauth digest testuser1:password1
   - setAcl /testnode auth:testuser1:password1:w

This stores the following as the ACL identity for testnode:
'testuser1:AWB1i+VKSJP/aUdT1QXi+A4j32o=

My question is, what is this hash? The website (
https://zookeeper.apache.org/doc/r3.1.2/zookeeperProgrammers.html#sc_ZooKeeperAccessControl)
talks about both MD5 and SHA1; I'm confused as to which it's using.

I'm also a bit confused about which part it's hashing. I believe it's one
of the following combinations:

   - base64(sha1sum("username:password"))
   - base64(sha1sum("password"))
   - base64(md5sum("username:password"))
   - base64(md5sum("password"))

But I'm unable to replicate the hash given above. I want to verify my
passwords are stored in ZK as securely as possible. Are you able to give me
some more info on how this process works and what scheme it uses? Is it
doing some salting as well? Any info would be much appreciated.

Cheers,
William
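
Added example, not part of the original message and not ZooKeeper's own code: ZooKeeper's `DigestAuthenticationProvider` stores a digest identity as `user:base64(SHA-1("user:password"))`, taken over the raw 20-byte digest, with no salt and no iteration. The Python sketch below tests a stored identity against the four combinations listed in the message, plus two manual-check mistakes that are assumptions of this example (the message does not say how the check was done); all function names are hypothetical.

```python
import base64
import hashlib

# Value quoted in the message above (stored ACL identity for /testnode).
STORED_ID = "testuser1:AWB1i+VKSJP/aUdT1QXi+A4j32o="


def zk_digest_id(username: str, password: str) -> str:
    """ACL id as the digest scheme stores it: user:base64(raw SHA-1 of 'user:password')."""
    raw = hashlib.sha1(f"{username}:{password}".encode("utf-8")).digest()
    return f"{username}:{base64.b64encode(raw).decode('ascii')}"


def hash_family(stored_id: str) -> str:
    """Infer the hash from the decoded digest length (MD5 = 16 bytes, SHA-1 = 20)."""
    _, b64 = stored_id.split(":", 1)
    size = len(base64.b64decode(b64, validate=True))
    return {16: "md5", 20: "sha1"}.get(size, f"unknown ({size} bytes)")


def candidates(username: str, password: str) -> dict:
    """The four combinations from the message, plus two assumed manual-check mistakes."""
    up, pw = f"{username}:{password}".encode(), password.encode()
    b64 = lambda b: base64.b64encode(b).decode("ascii")
    return {
        "sha1(user:password)": b64(hashlib.sha1(up).digest()),
        "sha1(password)": b64(hashlib.sha1(pw).digest()),
        "md5(user:password)": b64(hashlib.md5(up).digest()),
        "md5(password)": b64(hashlib.md5(pw).digest()),
        # Assumed mistakes: hashing a trailing newline (echo without -n), or
        # base64-encoding the hex text that sha1sum prints instead of raw bytes.
        "sha1(user:password + newline)": b64(hashlib.sha1(up + b"\n").digest()),
        "base64(hex sha1(user:password))": b64(hashlib.sha1(up).hexdigest().encode()),
    }


def matching(stored_id: str, username: str, password: str) -> list:
    """Names of the candidate constructions that reproduce the stored digest."""
    _, b64 = stored_id.split(":", 1)
    return [name for name, value in candidates(username, password).items() if value == b64]


if __name__ == "__main__":
    print("hash family by length:", hash_family(STORED_ID))
    print("matches:", matching(STORED_ID, "testuser1", "password1"))
```

Because the digest is a single unsalted SHA-1, anyone who can read the ACL can test password guesses offline at hash speed, so the strength of the stored value rests entirely on the password itself.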
