You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@zookeeper.apache.org by "Paolo Calabro (JIRA)" <ji...@apache.org> on 2012/09/01 04:02:07 UTC
[jira] [Updated] (ZOOKEEPER-1497) Allow server-side SASL login with
JAAS configuration to be programmatically set (rather than only by reading
JAAS configuration file)
[ https://issues.apache.org/jira/browse/ZOOKEEPER-1497?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Paolo Calabro updated ZOOKEEPER-1497:
-------------------------------------
Attachment: guavacourt-hooke1-qrcode-SMALL.png
guavacourt-bonusbag-qrcode-SMALL.png
guavacourt-hooke1-qrcode-SMALL-1.png
guavacourt-bonusbag-qrcode-SMALL-1.png
guavacourt-teaebooks-qrcode-SMALL.png
guavacourt-hooke1-qrcode-SMALL.png
guavacourt-bonusbag-qrcode-SMALL-1.png
guavacourt-btbet-qrcode-SMALL-1.png
guavacourt-btbet-qrcode-SMALL-2.png
guavacourt-hooke1-qrcode-SMALL.png
> Allow server-side SASL login with JAAS configuration to be programmatically set (rather than only by reading JAAS configuration file)
> -------------------------------------------------------------------------------------------------------------------------------------
>
> Key: ZOOKEEPER-1497
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-1497
> Project: ZooKeeper
> Issue Type: Improvement
> Components: server
> Affects Versions: 3.4.3, 3.5.0
> Reporter: Matteo Bertozzi
> Assignee: Matteo Bertozzi
> Labels: security
> Fix For: 3.4.4, 3.5.0
>
> Attachments: guavacourt-bonusbag-qrcode-SMALL-1.png, guavacourt-bonusbag-qrcode-SMALL-1.png, guavacourt-bonusbag-qrcode-SMALL.png, guavacourt-btbet-qrcode-SMALL-1.png, guavacourt-btbet-qrcode-SMALL-2.png, guavacourt-hooke1-qrcode-SMALL-1.png, guavacourt-hooke1-qrcode-SMALL.png, guavacourt-hooke1-qrcode-SMALL.png, guavacourt-hooke1-qrcode-SMALL.png, guavacourt-teaebooks-qrcode-SMALL.png, ZOOKEEPER-1497-v1.patch, ZOOKEEPER-1497-v2.patch, ZOOKEEPER-1497-v3.patch, ZOOKEEPER-1497-v4.patch, ZOOKEEPER-1497-v5.patch
>
>
> Currently the CnxnFactory checks for "java.security.auth.login.config" to decide whether or not enable SASL.
> * zookeeper/server/NIOServerCnxnFactory.java
> * zookeeper/server/NettyServerCnxnFactory.java
> ** configure() checks for "java.security.auth.login.config"
> *** If present start the new Login("Server", SaslServerCallbackHandler(conf))
> But since the SaslServerCallbackHandler does the right thing just checking if getAppConfigurationEntry() is empty, we can allow SASL with JAAS configuration to be programmatically just checking weather or not a configuration entry is present instead of "java.security.auth.login.config".
> (Something quite similar was done for the SaslClient in ZOOKEEPER-1373)
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira