You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@zookeeper.apache.org by "Patrick Hunt (JIRA)" <ji...@apache.org> on 2012/04/26 19:14:17 UTC

[jira] [Created] (ZOOKEEPER-1455) there is no way to determine if a session is sasl authenticated or not

Patrick Hunt created ZOOKEEPER-1455:
---------------------------------------

             Summary: there is no way to determine if a session is sasl authenticated or not
                 Key: ZOOKEEPER-1455
                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-1455
             Project: ZooKeeper
          Issue Type: Bug
            Reporter: Patrick Hunt
            Priority: Critical


The ZooKeeper interface provides no way to determine if the session is sasl authenticated or not. There is an event sent to the watcher when the sasl authentication completes, however there no way to determine if there is intent to negotiate via sasl. As a result the event cannot be used to wait to send messages until the authentication has completed. see HADOOP-8315

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

[jira] [Commented] (ZOOKEEPER-1455) there is no way to determine if a session is sasl authenticated or not

Posted by "Patrick Hunt (JIRA)" <ji...@apache.org>.

    [ https://issues.apache.org/jira/browse/ZOOKEEPER-1455?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13272458#comment-13272458 ] 

Patrick Hunt commented on ZOOKEEPER-1455:
-----------------------------------------

I don't think we should expose that to the user, it might change. Instead we should have a method on the session. If the implementation ever changed we could update the method w/o effecting the user code.
                
> there is no way to determine if a session is sasl authenticated or not
> ----------------------------------------------------------------------
>
>                 Key: ZOOKEEPER-1455
>                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-1455
>             Project: ZooKeeper
>          Issue Type: Bug
>            Reporter: Patrick Hunt
>            Priority: Critical
>
> The ZooKeeper interface provides no way to determine if the session is sasl authenticated or not. There is an event sent to the watcher when the sasl authentication completes, however there no way to determine if there is intent to negotiate via sasl. As a result the event cannot be used to wait to send messages until the authentication has completed. see HADOOP-8315

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

[jira] [Commented] (ZOOKEEPER-1455) there is no way to determine if a session is sasl authenticated or not

Posted by "Eugene Koontz (JIRA)" <ji...@apache.org>.

    [ https://issues.apache.org/jira/browse/ZOOKEEPER-1455?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13272016#comment-13272016 ] 

Eugene Koontz commented on ZOOKEEPER-1455:
------------------------------------------

Currently, in the code for both server and client, we check for a non-null system property:

{{(System.getProperty("java.security.auth.login.config") != null)}} 

as a statement of intention to negotiate via SASL.



                
> there is no way to determine if a session is sasl authenticated or not
> ----------------------------------------------------------------------
>
>                 Key: ZOOKEEPER-1455
>                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-1455
>             Project: ZooKeeper
>          Issue Type: Bug
>            Reporter: Patrick Hunt
>            Priority: Critical
>
> The ZooKeeper interface provides no way to determine if the session is sasl authenticated or not. There is an event sent to the watcher when the sasl authentication completes, however there no way to determine if there is intent to negotiate via sasl. As a result the event cannot be used to wait to send messages until the authentication has completed. see HADOOP-8315

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira