[GitHub] eolivelli commented on a change in pull request #350: Issue 349: Documentation for security feature in 4.5.0

[gi...@git.apache.org]

eolivelli commented on a change in pull request #350: Issue 349: Documentation for security feature in 4.5.0
URL: https://github.com/apache/bookkeeper/pull/350#discussion_r130797264
 
 

 ##########
 File path: site/docs/security/index.md
 ##########
 @@ -0,0 +1,21 @@
+---
+title: BookKeeper Security
+next: ./tls.html
+---
+
+In the 4.5.0 release, the BookKeeper community added a number of features that can be used, together or separately, to secure a BookKeeper cluster.
+The following security measures are currently supported:
+
+1. Authentication of connections to bookies from clients, using either [TLS](./tls) or [SASL (Kerberos)](./sasl).
+2. Authentication of connections from clients, bookies, autorecovery daemons to [ZooKeeper](./zookeeper), when using zookeeper based ledger managers.
+3. Encryption of data transferred between bookies and clients, between bookies and autorecovery daemons using [TLS](./tls).
+
+It?s worth noting that security is optional - non-secured clusters are supported, as well as a mix of authenticated, unauthenticated, encrypted and non-encrypted clients.
+
+NOTE: currenlty `authorization` is not yet available in `4.5.0`. The Apache BookKeeper community is looking for adding this feature in subsequent releases.
 
 Review comment:
   typo: currenlty
 
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services