[jira] [Commented] (ZOOKEEPER-2709) Clarify documentation around "auth" ACL scheme

Mon, 06 Mar 2017 22:13:48 -0800 

    [ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2709?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15898804#comment-15898804
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2709:
-------------------------------------------

Github user hanm commented on a diff in the pull request:

    https://github.com/apache/zookeeper/pull/182#discussion_r104595517
  
    --- Diff: src/docs/src/documentation/content/xdocs/zookeeperProgrammers.xml 
---
    @@ -899,9 +899,12 @@
             single id, <emphasis>anyone</emphasis>, that represents
             anyone.</para></listitem>
     
    -        <listitem><para><emphasis role="bold">auth</emphasis> doesn't
    -        use any id, represents any authenticated
    -        user.</para></listitem>
    +        <listitem><para><emphasis role="bold">auth</emphasis> is a 
convenience
    +        scheme which defaults to the currently-authenticated user and 
scheme.
    +        Any ID which is provided using this scheme is ignored by ZooKeeper.
    --- End diff --
    
    Thanks for the patch, it is a good improvement on doc.
    
    I think the ID here refers to the id of the scheme:id pair of the ID object 
in the ACL, correct? Mentioning this because the auth scheme is also referenced 
in command line where people can do 'setAcl /node auth:username:password:crdwa' 
in which case the username (sometimes overloaded as id) is required. 



> Clarify documentation around "auth" ACL scheme
> ----------------------------------------------
>
>                 Key: ZOOKEEPER-2709
>                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2709
>             Project: ZooKeeper
>          Issue Type: Task
>          Components: documentation
>            Reporter: Josh Elser
>            Priority: Minor
>
> We recently found up in HBASE-17717 that we were incorrectly setting an ACL 
> on our "sensitive" znodes after the output of {{getACL}} on these nodes 
> didn't match what was expected.
> In referencing the documentation about how the {{auth}} ACL scheme was 
> supposed to work, it was unclear if it was a ZooKeeper bug or an HBase bug. 
> After reading some ZooKeeper code, we found that it was an HBase bug, but it 
> would be nice to clarify the docs around this ACL scheme.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Reply via email to