Arshad Mohammad commented on ZOOKEEPER-2585:

# Thanks [~rakeshsingh] for the advice. These are my opinion based on technical 
facts and these are not conclusions. If it was concluded it would have been 
closed as not an issue.
# bq. In this issue pls try to perform the steps mentioned here in 2 case- one 
when zookeeper started in ssl mode and another when zookeeper started in 
non-ssl mode and will get the difference
I think this is something new you are taking about. It is not mentioned in the 
defect description. In the defect description only SSL enabled standalone 
server is mentioned.
# sure, we can discuss for clarity. Which step  you performed on non SSL server 

> ACL with SSL is not working
> ---------------------------
>                 Key: ZOOKEEPER-2585
>                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2585
>             Project: ZooKeeper
>          Issue Type: Bug
>          Components: server
>    Affects Versions: 3.5.1
>            Reporter: Rakesh Kumar Singh
>            Priority: Critical
> Set ACL with SSL is not working
> Steps to reproduce:-
> 1. Start zookeeper in ssl mode in standalone
> 2. Connect zookeeper from zookeeper client (using zkCli.sh)
> 3. add auth and set ACL as below and then quit the client :-
> [zk: localhost:2181(CONNECTED) 0] addauth digest u1:p1
> [zk: localhost:2181(CONNECTED) 1] create /test_auth hello
> Created /test_auth
> [zk: localhost:2181(CONNECTED) 2] setAcl /test_auth auth:u1:p1:crdwa
> [zk: localhost:2181(CONNECTED) 3] get /test_auth
> hello
> [zk: localhost:2181(CONNECTED) 4] quit
> 4. Connect again zookeeper from zookeeper client (using zkCli.sh)
> 5. Try to access the znode, try to set the data and so on, everything is 
> allowed
> [zk: localhost:2181(CONNECTED) 2] set /test_auth hello1
> [zk: localhost:2181(CONNECTED) 3] get /test_auth
> hello1
> [zk: localhost:2181(CONNECTED) 1] getAcl /test_auth
> 'x509,'CN=locahost%2COU=CS%2CO=HUAWEI%2CL=Shenzhen%2CST=Guangdong%2CC=CHINA
> : cdrwa
> 'digest,'u1:fpT/y03U+EjItKZOSLGvjnJlyng=
> : cdrwa

This message was sent by Atlassian JIRA

Reply via email to