Robert Joseph Evans created STORM-224:
-----------------------------------------
Summary: Storm should use stricter ACLs whin zookeeper
Key: STORM-224
URL: https://issues.apache.org/jira/browse/STORM-224
Project: Apache Storm (Incubating)
Issue Type: Sub-task
Reporter: Robert Joseph Evans
In a stand alone environment storm stores everything wide open in ZK. We
really should lock this down with ACLs so that individual topologies cannot
modify data that the storm system uses, and so that other topologies cannot
modify/interfere with each other.
The current code from Yahoo will generate a random username/password for each
topology that is launched. This works great for most topologies, but for
trident topologies because they store long lived data in ZK the user has to
keep the credentials around themselves. We would love to switch ZK access over
to use a forwarded TGT, but have not finished the work to do this yet.
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)
