zookeeper-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jan Høydahl <jan....@cominvent.com>
Subject Digest auth with classic TCP transport
Date Thu, 27 Sep 2018 09:12:44 GMT

We use ZK 3.4.13, and unfortunately cannot use Netty transport and SSL.
We plan to use digest authentication and Zookeeper ACL protection.

Question is, since we cannot use SSL, is there some other way to make sure the user credentials
are not sniffed over the network and thus let an attacker impersonate our application and
cange the content in Zookeeper? Does the Zookeeper client do some smart moves to protect/hash
the password over the network? I suppose the binary transport is easy to decipher for those
who try.

Jan Høydahl
Cominvent AS - www.cominvent.com

View raw message