You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@zookeeper.apache.org by Tom Klonikowski <me...@kloni.de> on 2011/09/20 11:37:44 UTC

SASL authorizedID problem

Hello developers,

the SaslServerCallbackHandler in trunk changes the principal name
service/host@REALM to service/service@REALM (i guess unintentionally).

lines 131-133:
if (!removeHost() && (kerberosName.getHostName() != null)) {
  userName += "/" + kerberosName.getServiceName();
}

Server Log:

SaslServerCallbackHandler@115] - Successfully authenticated client:
authenticationID=fetcher/ubook@QUINZOO;
authorizationID=fetcher/ubook@QUINZOO.

SaslServerCallbackHandler@137] - Setting authorizedID:
fetcher/fetcher@QUINZOO

Greetings,

Tom Klonikowski
HAW Hamburg

Re: SASL authorizedID problem

Posted by Eugene Koontz <ek...@hiro-tan.org>.

On 9/20/11 2:37 AM, Tom Klonikowski wrote:
> Hello developers,
>
> the SaslServerCallbackHandler in trunk changes the principal name
> service/host@REALM to service/service@REALM (i guess unintentionally).
>
>
>
Thank you Tom,

I have created a JIRA and uploaded a patch that fixes the bug that you 
found.

https://issues.apache.org/jira/browse/ZOOKEEPER-1195

-Eugene