You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@knox.apache.org by "Kevin Risden (Jira)" <ji...@apache.org> on 2019/11/15 16:18:00 UTC
[jira] [Commented] (KNOX-2127) ZooKeeperAliasService mishandles
mixed-case alias keys properly
[ https://issues.apache.org/jira/browse/KNOX-2127?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16975212#comment-16975212 ]
Kevin Risden commented on KNOX-2127:
------------------------------------
So does that mean that we silently overwrite mixed case keys in the case of the regular alias service? We should enforce only lowercase then at the default alias service?
> ZooKeeperAliasService mishandles mixed-case alias keys properly
> ---------------------------------------------------------------
>
> Key: KNOX-2127
> URL: https://issues.apache.org/jira/browse/KNOX-2127
> Project: Apache Knox
> Issue Type: Bug
> Components: Server
> Affects Versions: 1.3.0
> Reporter: Philip Zampino
> Assignee: Philip Zampino
> Priority: Major
> Fix For: 1.4.0
>
>
> The ZooKeeperAliasService mishandles mixed-case alias keys. Due to JDK-4891485, the getPasswordFromAliasForCluster(String, String, boolean) implementation assumes the alias key should be lower-cased. However, it enforces no such requirement when an alias is added. Hence, it's possible to add a mixed-case alias key, but impossible to retrieve the value thereof.
> If this lower-case requirement is necessary, then the implementation must enforce it consistently. The add methods must also lower-case the alias keys.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)