zookeeper-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Rakesh R (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (ZOOKEEPER-1045) Support Quorum Peer mutual authentication via SASL
Date Fri, 05 Jul 2019 05:18:00 GMT

    [ https://issues.apache.org/jira/browse/ZOOKEEPER-1045?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16878977#comment-16878977
] 

Rakesh R commented on ZOOKEEPER-1045:
-------------------------------------

{quote}ZOOKEEPER-24443 is not available in the org.apache.zookeeper.util.SecurityUtils.java
in release version 3.5.5
{quote}
Jira number is not correct. Could you please let me know the expected jira.
{quote}server principal name/hostname determination error: 
 java.lang.StringIndexOutOfBoundsException: String index out of range: -1
{quote}
It expects Kerberos principals in the form of {{servicename/fully.qualified.domain.name@EXAMPLE.COM}},
here "servicename" has to be substituted with the proper service name. 
 For example, {{zkquorum/myhost1.foo.com@EXAMPLE.COM}} and {{zkquorum/myhost2.foo.com@EXAMPLE.COM}}
for the hosts - {{myhost1.foo.com}} and {{myhost2.foo.com}}

> Support Quorum Peer mutual authentication via SASL
> --------------------------------------------------
>
>                 Key: ZOOKEEPER-1045
>                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-1045
>             Project: ZooKeeper
>          Issue Type: New Feature
>          Components: quorum, security
>            Reporter: Eugene Koontz
>            Assignee: Rakesh R
>            Priority: Critical
>             Fix For: 3.4.10
>
>         Attachments: 0001-ZOOKEEPER-1045-br-3-4.patch, 1045_failing_phunt.tar.gz, HOST_RESOLVER-ZK-1045.patch,
QuorumPeer Mutual Authentication Via Sasl Feature Doc - 2016-Nov-10.pdf, QuorumPeer Mutual
Authentication Via Sasl Feature Doc - 2016-Nov-25.pdf, QuorumPeer Mutual Authentication Via
Sasl Feature Doc - 2016-Nov-29.pdf, QuorumPeer Mutual Authentication Via Sasl Feature Doc
- 2016-Nov-30.pdf, QuorumPeer Mutual Authentication Via Sasl Feature Doc - 2016-Sep-25.pdf,
TEST-org.apache.zookeeper.server.quorum.auth.QuorumAuthUpgradeTest.txt, ZK-1045-test-case-failure-logs.zip,
ZOOKEEPER-1045 Test Plan.pdf, ZOOKEEPER-1045-00.patch, ZOOKEEPER-1045-Rolling Upgrade Design
Proposal.pdf, ZOOKEEPER-1045-br-3-4.patch, ZOOKEEPER-1045-br-3-4.patch, ZOOKEEPER-1045-br-3-4.patch,
ZOOKEEPER-1045-br-3-4.patch, ZOOKEEPER-1045-br-3-4.patch, ZOOKEEPER-1045-br-3-4.patch, ZOOKEEPER-1045-br-3-4.patch,
ZOOKEEPER-1045-br-3-4.patch, ZOOKEEPER-1045-br-3-4.patch, ZOOKEEPER-1045-br-3-4.patch, ZOOKEEPER-1045-br-3-4.patch,
ZOOKEEPER-1045-br-3-4.patch, ZOOKEEPER-1045-br-3-4.patch, ZOOKEEPER-1045-br-3-4.patch, ZOOKEEPER-1045TestValidationDesign.pdf,
org.apache.zookeeper.server.quorum.auth.QuorumAuthUpgradeTest.testRollingUpgrade.log
>
>
> ZOOKEEPER-938 addresses mutual authentication between clients and servers. This bug,
on the other hand, is for authentication among quorum peers. Hopefully much of the work done
on SASL integration with Zookeeper for ZOOKEEPER-938 can be used as a foundation for this
enhancement.
> Review board: https://reviews.apache.org/r/47354/



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message