Other projects are using minikdc afaik. Solr, oozie, hive, accumulo, hbase, etc... It would be a test dependency.
Patrick On Tue, Apr 7, 2015 at 5:43 PM, yuliya Feldman <[email protected]> wrote: > I have uploaded updated spec with additional sections regarding backward > compatibility and testing. > Regarding minikdc - this is hadoop subproject. I doubt you want zookeeper > depending on it. On theother hand I am pretty sure minikdc project does not > need to be part of hadoop project since it does not really depend (or does > not need to depend) on anything from hadoop. > Thanks,Yuliya > From: Patrick Hunt <[email protected]> > To: DevZooKeeper <[email protected]>; yuliya Feldman < > [email protected]> > Sent: Tuesday, April 7, 2015 5:16 PM > Subject: Re: Pluggable SASL Authentication in Zookeeper > > That's good to hear (updates and testing with kerb). The minikdc will allow > us to validate as part of the unit tests, which will be a great addition > for folks trying to make changes and ensuring they don't break things. It's > always been a worry of mine with the current setup. > > Patrick > > > > On Tue, Apr 7, 2015 at 5:07 PM, yuliya Feldman <[email protected] > > > wrote: > > > Thank you Patrick for replying. > > Certainly everything that is working today should/will work out of the > box > > with pluggable way.Will update a document with test and backward > > compatibility goals. > > I do actually have a patch and UnitTests, though I tested Kerberos with > > real KDC, but all the Unit tests related to SASL were passing OK. > > Thanks,Yuliya > > > > From: Patrick Hunt <[email protected]> > > To: DevZooKeeper <[email protected]>; yuliya Feldman < > > [email protected]> > > Sent: Tuesday, April 7, 2015 4:58 PM > > Subject: Re: Pluggable SASL Authentication in Zookeeper > > > > Sounds like a reasonable goal. I don't see anything about testing, not > > breaking backward compatibility, etc... - I would think that we should > > ensure that kerberos continues to work. When the original sasl work was > > done the minikdc didn't exist, now that it does I think we should pull > that > > in as part of the validation (ensure things don't break). > > > > Patrick > > > > > > > > On Tue, Apr 7, 2015 at 3:15 PM, yuliya Feldman > <[email protected] > > > > > wrote: > > > > > Hello here, > > > I was wondering is whether Zookeeper community would benefit from > > > Pluggable SASL Authentication. > > > Today SASLAuthenticationProvider is used for all SASL based > > > authentications which creates some "if/else" statements in > > > ZookeeperSaslClient and ZookeeperSaslServer code even with just > Kerberos > > > and Digest.We want to use yet another different SASL based > authentication > > > and adding one more "if/else" with some code specific just to that new > > way > > > does not make much sense.Proposal is to allow to plug custom SASL > > > Authentication mechanism(s).I have submitted JIRA: [ZOOKEEPER-2159] > > > Pluggable SASL Authentication - ASF JIRAwith the proposal, so I would > > > appreciate feedback from the community.Thanks,Yuliya > > > > > > > > > > > > > > > > > >
