[
https://issues.apache.org/jira/browse/KNOX-1102?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Phil Zampino resolved KNOX-1102.
--------------------------------
Resolution: Not A Problem
Since the Hadoop services are responsible for the ACLs on the znodes referenced
by the HaProvider URL managers that employ ZooKeeper, it doesn't make sense to
make recommendations for setting those from a Knox perspective.
Also, since the existing ACLs appear to allow reading for even unauthenticated
ZooKeeper clients, recommendations for configuring client authentication seems
unnecessary at this time.
> Document Recommended ZooKeeper SASL Configuration for HA Providers
> -------------------------------------------------------------------
>
> Key: KNOX-1102
> URL: https://issues.apache.org/jira/browse/KNOX-1102
> Project: Apache Knox
> Issue Type: Bug
> Components: Site
> Affects Versions: 0.14.0
> Reporter: Phil Zampino
> Assignee: Phil Zampino
>
> There are multiple ZooKeeper clients in use in Knox in the form of HA
> Providers. If they are all in use in a single Knox instance, then they need
> to share a common SASL (JAAS) configuration because the currently-released
> version of the ZooKeeper client only supports a single login context.
> This doc may also include recommendations wrt znode ACLs where they are found
> deficient.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
