You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@nifi.apache.org by "Bryan Bende (JIRA)" <ji...@apache.org> on 2016/07/19 13:42:20 UTC
[jira] [Created] (NIFI-2315) Allow ZK ACL to be configurable for
clustering z-nodes
Bryan Bende created NIFI-2315:
---------------------------------
Summary: Allow ZK ACL to be configurable for clustering z-nodes
Key: NIFI-2315
URL: https://issues.apache.org/jira/browse/NIFI-2315
Project: Apache NiFi
Issue Type: Improvement
Affects Versions: 1.0.0
Reporter: Bryan Bende
Assignee: Mark Payne
Priority: Minor
Fix For: 1.1.0
In the state-management.xml file we provide a configurable property for the ZK ACL and we said:
"Access Control - Specifies which Access Controls will be applied to the ZooKeeper ZNodes that are created by this State Provider. This value must be set to one of:
- Open : ZNodes will be open to any ZooKeeper client.
- CreatorOnly : ZNodes will be accessible only by the creator. The creator will have full access to create children, read, write, delete, and administer the ZNodes.
This option is available only if access to ZooKeeper is secured via Kerberos or if a Username and Password are set."
We don't have any corresponding ACL property for clustering, we only specify the following in nifi.properties:
nifi.zookeeper.connect.string=${nifi.zookeeper.connect.string}
nifi.zookeeper.connect.timeout=${nifi.zookeeper.connect.timeout}
nifi.zookeeper.session.timeout=${nifi.zookeeper.session.timeout}
nifi.zookeeper.root.node=${nifi.zookeeper.root.node}
We would want to set both the CreatorOnly when securing the connection with Kerberos.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)