Re: Review Request: Allow server-side SASL login with JAAS configuration to be programmatically set (rather than only by reading JAAS configuration file)

Wed, 01 Aug 2012 13:34:03 -0700 

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/6290/
-----------------------------------------------------------

(Updated Aug. 1, 2012, 8:33 p.m.)


Review request for zookeeper, Patrick Hunt and Eugene Koontz.


Changes
-------

addressed the review comments


Description
-------

Currently the CnxnFactory checks for "java.security.auth.login.config" to 
decide whether or not enable SASL.
- zookeeper/server/NIOServerCnxnFactory.java 
- zookeeper/server/NettyServerCnxnFactory.java
  - configure() checks for "java.security.auth.login.config"
    - If present start the new Login("Server", SaslServerCallbackHandler(conf))

But since the SaslServerCallbackHandler does the right thing just checking if 
getAppConfigurationEntry() is empty, we can allow SASL with JAAS configuration 
to be programmatically just checking weather or not a configuration entry is 
present instead of "java.security.auth.login.config".
(Something quite similar was done for the SaslClient in ZOOKEEPER-1373)


This addresses bug ZOOKEEPER-1497.
    https://issues.apache.org/jira/browse/ZOOKEEPER-1497


Diffs (updated)
-----

  /src/java/main/org/apache/zookeeper/Environment.java 1368201 
  /src/java/main/org/apache/zookeeper/client/ZooKeeperSaslClient.java 1368201 
  /src/java/main/org/apache/zookeeper/server/NIOServerCnxnFactory.java 1368201 
  /src/java/main/org/apache/zookeeper/server/NettyServerCnxnFactory.java 
1368201 
  /src/java/main/org/apache/zookeeper/server/ServerCnxnFactory.java 1368201 
  /src/java/main/org/apache/zookeeper/server/ZooKeeperSaslServer.java 1368201 
  
/src/java/main/org/apache/zookeeper/server/auth/SaslServerCallbackHandler.java 
1368201 
  /src/java/test/org/apache/zookeeper/JaasConfiguration.java PRE-CREATION 
  /src/java/test/org/apache/zookeeper/test/ClientBase.java 1368201 
  /src/java/test/org/apache/zookeeper/test/SaslAuthDesignatedServerTest.java 
PRE-CREATION 

Diff: https://reviews.apache.org/r/6290/diff/


Testing
-------

New testcase added SaslAuthDesignatedServerTest to check if 
ZooKeeperSaslServer.LOGIN_CONTEXT_NAME_KEY is used.
(A new JaasConfiguration class was added to wrap the jaas.conf)

+Manual testing for HBASE-4791


Thanks,

Matteo Bertozzi

Reply via email to