You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@zookeeper.apache.org by "Yuliya Feldman (JIRA)" <ji...@apache.org> on 2013/09/18 08:28:55 UTC

[jira] [Created] (ZOOKEEPER-1759) Adding ability to allow READ operations for authenticated users, versus keeping ACLs wide open for READ

Yuliya Feldman created ZOOKEEPER-1759:
-----------------------------------------

             Summary: Adding ability to allow READ operations for authenticated users, versus keeping ACLs wide open for READ
                 Key: ZOOKEEPER-1759
                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-1759
             Project: ZooKeeper
          Issue Type: Improvement
          Components: server
    Affects Versions: 3.4.5
         Environment: Java, SASL authentication, security
            Reporter: Yuliya Feldman


Today when using SASLAuthenticationProvider to authenticate Zookeeper Clients access to the data based on ACLS set on znodes there is no other choice but to set READ ACLs to be "world", "anyone" with the way how 
{code:java}
public boolean matches(String id,String aclExpr)
{/code}
is currently implemented. It means that any unauthenticated user can read the data when application needs to make sure that not only creator of a znode can read the content 

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira