[
https://issues.apache.org/jira/browse/HBASE-9706?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13786595#comment-13786595
]
Matteo Bertozzi commented on HBASE-9706:
----------------------------------------
patch looks good to me, and also the client should be able to connect to
zookeeper even without jaas.conf since all znodes accessed by the client should
be WORLD_READABLE (set by ZKUtil.createACL())
[~apurtell] [~ghelmling] thoughts?
> Improve detection of secure ZooKeeper
> -------------------------------------
>
> Key: HBASE-9706
> URL: https://issues.apache.org/jira/browse/HBASE-9706
> Project: HBase
> Issue Type: Bug
> Components: Client
> Affects Versions: 0.94.4, 0.95.0
> Environment: Java 6, RHEL, HBase 0.94.9
> Reporter: Eric Yang
> Assignee: Eric Yang
> Attachments: JIRA-9706-0.94.patch, JIRA-9706-0.95-trunk.patch
>
>
> HBase client code assumes ZooKeeper is secured, as long as there is a
> java.security.auth.login.config property being set. When HBase client is
> embedded in other java program with other security configuration, it can
> produce wrong assumption that ZooKeeper is secured. Ideally,
> isSecureZooKeeper method should detect Jaas configuration specifically for
> ZooKeeper to ensure that client program doesn't have a false positive
> detection.
--
This message was sent by Atlassian JIRA
(v6.1#6144)
