Sounds like a reasonable goal. I don't see anything about testing, not breaking backward compatibility, etc... - I would think that we should ensure that kerberos continues to work. When the original sasl work was done the minikdc didn't exist, now that it does I think we should pull that in as part of the validation (ensure things don't break).
Patrick On Tue, Apr 7, 2015 at 3:15 PM, yuliya Feldman <[email protected]> wrote: > Hello here, > I was wondering is whether Zookeeper community would benefit from > Pluggable SASL Authentication. > Today SASLAuthenticationProvider is used for all SASL based > authentications which creates some "if/else" statements in > ZookeeperSaslClient and ZookeeperSaslServer code even with just Kerberos > and Digest.We want to use yet another different SASL based authentication > and adding one more "if/else" with some code specific just to that new way > does not make much sense.Proposal is to allow to plug custom SASL > Authentication mechanism(s).I have submitted JIRA: [ZOOKEEPER-2159] > Pluggable SASL Authentication - ASF JIRAwith the proposal, so I would > appreciate feedback from the community.Thanks,Yuliya > >
