From issues-return-1491-archive-asf-public=cust-asf.ponee.io@zookeeper.apache.org Tue Oct 1 07:36:04 2019 Return-Path: X-Original-To: archive-asf-public@cust-asf.ponee.io Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [207.244.88.153]) by mx-eu-01.ponee.io (Postfix) with SMTP id 05F06180674 for ; Tue, 1 Oct 2019 09:36:03 +0200 (CEST) Received: (qmail 52064 invoked by uid 500); 1 Oct 2019 07:36:03 -0000 Mailing-List: contact issues-help@zookeeper.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@zookeeper.apache.org Delivered-To: mailing list issues@zookeeper.apache.org Received: (qmail 52020 invoked by uid 99); 1 Oct 2019 07:36:03 -0000 Received: from mailrelay1-us-west.apache.org (HELO mailrelay1-us-west.apache.org) (209.188.14.139) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 01 Oct 2019 07:36:03 +0000 Received: from jira-he-de.apache.org (static.172.67.40.188.clients.your-server.de [188.40.67.172]) by mailrelay1-us-west.apache.org (ASF Mail Server at mailrelay1-us-west.apache.org) with ESMTP id C5F34E2F0E for ; Tue, 1 Oct 2019 07:36:02 +0000 (UTC) Received: from jira-he-de.apache.org (localhost.localdomain [127.0.0.1]) by jira-he-de.apache.org (ASF Mail Server at jira-he-de.apache.org) with ESMTP id 5311878093B for ; Tue, 1 Oct 2019 07:36:00 +0000 (UTC) Date: Tue, 1 Oct 2019 07:36:00 +0000 (UTC) From: "Mohammad Arshad (Jira)" To: issues@zookeeper.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Commented] (ZOOKEEPER-1467) Make server principal configurable at client side. MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/ZOOKEEPER-1467?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16941611#comment-16941611 ] Mohammad Arshad commented on ZOOKEEPER-1467: -------------------------------------------- Thank [~sujithsimon22] for the contribution. Thanks [~eolivelli], [~enixon] for the reviews. > Make server principal configurable at client side. > -------------------------------------------------- > > Key: ZOOKEEPER-1467 > URL: https://issues.apache.org/jira/browse/ZOOKEEPER-1467 > Project: ZooKeeper > Issue Type: Improvement > Components: java client > Affects Versions: 3.4.3, 3.4.4, 3.5.0 > Reporter: Laxman > Assignee: Eugene Joseph Koontz > Priority: Major > Labels: Security, client, kerberos, pull-request-available, sasl > Fix For: 3.6.0, 3.5.7 > > Attachments: ZOOKEEPER-1467.patch, ZOOKEEPER-1467.patch > > Time Spent: 2h 10m > Remaining Estimate: 0h > > Server principal on client side is derived using hostname. > org.apache.zookeeper.ClientCnxn.SendThread.startConnect() > {code} > try { > zooKeeperSaslClient = new ZooKeeperSaslClient("zookeeper/"+addr.getHostName()); > } > {code} > This may have problems when admin wanted some customized principals like zookeeper/clusterid@HADOOP.COM where clusterid is the cluster identifier but not the host name. > IMO, server principal also should be configurable as hadoop is doing. -- This message was sent by Atlassian Jira (v8.3.4#803005)