[
https://issues.apache.org/jira/browse/HBASE-14775?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Gary Helmling updated HBASE-14775:
----------------------------------
Component/s: security
Replication
> Replication can't authenticate with peer Zookeeper with different server
> principal
> ----------------------------------------------------------------------------------
>
> Key: HBASE-14775
> URL: https://issues.apache.org/jira/browse/HBASE-14775
> Project: HBase
> Issue Type: Bug
> Components: Replication, security
> Reporter: Gary Helmling
> Assignee: Gary Helmling
>
> When replication is setup with security, where the local ZK cluster and peer
> ZK cluster use different server principals, the source HBase cluster is
> unable to authenticate with the peer ZK cluster.
> When ZK is configured for SASL authentication and a server principal other
> than the default ("zookeeper") is used, the correct server principal must be
> specified on the client as a system property -- the confusingly named
> {{zookeeper.sasl.client.username}}. However, since this is given as a system
> property, authentication with the peer cluster breaks when it uses a
> different ZK server principal than the local cluster.
> We need a way of tying this setting to the replication peer config and then
> setting the property when the peer's ZooKeeperWatcher is created.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
