Bryan Bende created NIFI-2315:
---------------------------------
Summary: Allow ZK ACL to be configurable for clustering z-nodes
Key: NIFI-2315
URL: https://issues.apache.org/jira/browse/NIFI-2315
Project: Apache NiFi
Issue Type: Improvement
Affects Versions: 1.0.0
Reporter: Bryan Bende
Assignee: Mark Payne
Priority: Minor
Fix For: 1.1.0
In the state-management.xml file we provide a configurable property for the ZK
ACL and we said:
"Access Control - Specifies which Access Controls will be applied to the
ZooKeeper ZNodes that are created by this State Provider. This value must be
set to one of:
- Open : ZNodes will be open to any ZooKeeper
client.
- CreatorOnly : ZNodes will be accessible only by
the creator. The creator will have full access to create children, read, write,
delete, and administer the ZNodes.
This option is available only if
access to ZooKeeper is secured via Kerberos or if a Username and Password are
set."
We don't have any corresponding ACL property for clustering, we only specify
the following in nifi.properties:
nifi.zookeeper.connect.string=${nifi.zookeeper.connect.string}
nifi.zookeeper.connect.timeout=${nifi.zookeeper.connect.timeout}
nifi.zookeeper.session.timeout=${nifi.zookeeper.session.timeout}
nifi.zookeeper.root.node=${nifi.zookeeper.root.node}
We would want to set both the CreatorOnly when securing the connection with
Kerberos.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
