sijie commented on a change in pull request #350: Issue 349: Documentation for security feature in 4.5.0 URL: https://github.com/apache/bookkeeper/pull/350#discussion_r131610439
########## File path: site/docs/security/zookeeper.md ########## @@ -0,0 +1,41 @@ +--- +title: ZooKeeper Authentication +prev: ../sasl +--- + +## New Clusters + +To enable `ZooKeeper` authentication on Bookies or Clients, there are two necessary steps: + +1. Create a `JAAS` login file and set the appropriate system property to point to it as described in [GSSAPI (Kerberos)](../sasl#notes). +2. Set the configuration property `zkEnableSecurity` in each bookie to `true`. + +The metadata stored in `ZooKeeper` is such that only certain clients will be able to modify the corresponding znodes, but znodes are world readable. Review comment: done ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services