[
https://issues.apache.org/jira/browse/ZOOKEEPER-2159?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14484541#comment-14484541
]
Yuliya Feldman commented on ZOOKEEPER-2159:
-------------------------------------------
Yes - you are right on the first part. It may imply that weaker one can be used
while original intent was to use stronger one.
I listed "negotiation" as an improvement on top of the proposal, since it will
require more substantial changes in handling sasl request/response between
server and client.
> Pluggable SASL Authentication
> -----------------------------
>
> Key: ZOOKEEPER-2159
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2159
> Project: ZooKeeper
> Issue Type: Improvement
> Components: java client, server
> Reporter: Yuliya Feldman
> Assignee: Yuliya Feldman
> Attachments: PluggableZookeeperAuthentication (1).pdf,
> PluggableZookeeperAuthentication.pdf
>
>
> Today SASLAuthenticationProvider is used for all SASL based authentications
> which creates some "if/else" statements in ZookeeperSaslClient and
> ZookeeperSaslServer code with just Kerberos and Digest.
> We want to use yet another different SASL based authentication and adding one
> more "if/else" with some code specific just to that new way does not make
> much sense.
> Proposal is to allow to plug custom SASL Authentication mechanism(s) without
> further changes in Zookeeper code.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
