You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@zookeeper.apache.org by "Camille Fournier (JIRA)" <ji...@apache.org> on 2015/03/17 00:52:38 UTC
[jira] [Commented] (ZOOKEEPER-2144) Provide a way to update the
auth info on a connection
[ https://issues.apache.org/jira/browse/ZOOKEEPER-2144?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14364235#comment-14364235 ]
Camille Fournier commented on ZOOKEEPER-2144:
---------------------------------------------
Can you explain the problem in a bit more detail? I think the question in my mind is will there be a security risk by allowing updating of auth info in the manner you suggest. What are your thoughts around that?
> Provide a way to update the auth info on a connection
> -----------------------------------------------------
>
> Key: ZOOKEEPER-2144
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2144
> Project: ZooKeeper
> Issue Type: Improvement
> Reporter: Karol Dudzinski
>
> The current auth info implementation makes it very difficult to work with expiring auth info. If a client fails over between servers, it resends its list of auth info in a FIFO order. Therefore, if any of the info has expired, it'll cause the session to be lost. There is currently no way to update or remove any existing info, only add. Any objections to adding an update or remove auth info method?
> An alternate solution would be for ClientCnxn.AuthData to implement an equals method that only checks the scheme field. As the AuthData is stored in a set, this would have the same effect as an update operation. However, I'm not sure if there is a use case for supplying multiple bits of AuthData for the same scheme?
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)