zookeeper-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Remi Serrano <rserr...@pros.com>
Subject Client-Server authentication with DIGEST-MD5
Date Tue, 10 Apr 2018 13:22:44 GMT
Hello

I'm trying to secure my ZK cluster. To do so I'm trying to leverage both :
https://cwiki.apache.org/confluence/display/ZOOKEEPER/Server-Server+mutual+authentication
and
https://cwiki.apache.org/confluence/display/ZOOKEEPER/Client-Server+mutual+authentication

The Server to Server works fine. However, the Client to Server seems to be useless as here
is the behavior I get :

  *   Client using a declared user on the server + good password CAN connect
  *   Client using a declared user on the server + bad password CANNOT connect
  *   Client using a non  declared user on the Server CANNOT connect
so far so good... but :

  *   Client using NO user at all CAN connect !!!

Any hint ?


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message