zookeeper-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Norbert Kalmar <nkal...@cloudera.com.INVALID>
Subject Re: Which is the best option to secure the solr specific data in zookeeper?
Date Fri, 12 Oct 2018 08:44:13 GMT
Hi,

I don't know how solr authentication from the viewpoint of ZooKeeper.
ACL makes sense to restrict the content solr cretes in ZooKeeper.

I'm not sure what you mean by enabling authentication for the whole
ZooKeeper?
ZK has server-to-server (quorum auth) and client-to-server mutual
authentication.
Looks like solr has org.apache.solr.common.cloud.SaslZkACLProvider, that's
basically the client authentication part in ZooKeeper, and you can use ACL.

Quorum authentication won't help you to protect your data from fraudulent
clients. That's just against fraudulent servers.

So my short answer is that ACL is the way to go when securing client data
is the question.

Regards,
Norbert

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message