[
https://issues.apache.org/jira/browse/BOOKKEEPER-391?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15962848#comment-15962848
]
ASF GitHub Bot commented on BOOKKEEPER-391:
-------------------------------------------
Github user revans2 commented on the issue:
https://github.com/apache/bookkeeper/pull/110
@eolivelli I am OK with having MD5 in there, but it is horribly insecure
and should not be used in production. If we do put it in we should deprecate
it very quickly afterwards and ask people to move to kerberos.
https://en.wikipedia.org/wiki/MD5
The fact that ZK still uses it is on my TODO list as it should be replaced
with something better.
> Support Kerberos authentication of bookkeeper
> ---------------------------------------------
>
> Key: BOOKKEEPER-391
> URL: https://issues.apache.org/jira/browse/BOOKKEEPER-391
> Project: Bookkeeper
> Issue Type: New Feature
> Components: bookkeeper-client, bookkeeper-server
> Reporter: Rakesh R
> Assignee: Enrico Olivelli
> Fix For: 4.5.0
>
>
> This JIRA to discuss authentication mechanism of bookie clients and server.
> Assume ZK provides fully secured communication channel using Kerberos based
> authentication and authorization model. We could also manage and renew users
> authenticated to BK via Kerberos. There is currently no configuration or
> hooks for the Bookie process to obtain Kerberos credentials.
> Today an unauthenticated bookie client can easily establish connection with
> the bookkeeper server.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
