[
https://issues.apache.org/jira/browse/ZOOKEEPER-4336?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
prashanth reddy updated ZOOKEEPER-4336:
---------------------------------------
Description:
Hi Team,
I have configured DigestAuthenticationProvider as zookeeper auth provider in my
environment to let only users configured in zookeeper-jass.conf to authenticate
with zookeeper, but when I try to authenticate with a user not in
zookeeper-jass.conf , it is able to authenticate successfully.
Please find the attachment for configuration files used.
Could someone please suggest?
was:
Hi Team,
I have configured DigestAuthenticationProvider as zookeeper auth provider in my
environment to let only users configured in zookeeper-jass.conf to authenticate
with zookeeper, but when I try to authenticate with a user not in
zookeeper-jass.conf , it is able to authenticate successfully.
Could someone please suggest?
> Able to authentication to zookeeper with user not configured in
> zookeeper-jaas.conf
> -----------------------------------------------------------------------------------
>
> Key: ZOOKEEPER-4336
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-4336
> Project: ZooKeeper
> Issue Type: Bug
> Components: security
> Affects Versions: 3.7.0
> Environment: *Zookeeper log:*
> Jul 14 07:03:41 vm-523 zookeeper[90699]: 2021-07-14 07:03:41,161 - INFO
> [nioEventLoopGroup-4-1:X509AuthenticationProvider@166] - Authenticated Id
> '1.2.840.113549.1.9.1=#161370726173686b726540696e2e69626d2e636f6d,CN=vm-523,OU=PVC,O=IBM,L=BLR,ST=KAR,C=IN'
> for Scheme 'x509'
> Jul 14 07:03:41 vm-523 zookeeper[90699]: 2021-07-14 07:03:41,168 - INFO
> [SyncThread:0:FileTxnLog@284] - Creating new log file: log.8c
> Jul 14 07:03:41 vm-523 zookeeper[90699]: 2021-07-14 07:03:41,187 - INFO
> [nioEventLoopGroup-4-1:ZooKeeperServer@1623] - got auth packet
> /xx.xx.xx.xx:56798
> Jul 14 07:03:41 vm-523 zookeeper[90699]: 2021-07-14 07:03:41,189 - INFO
> [nioEventLoopGroup-4-1:ZooKeeperServer@1642] - Session 0x1006ae09b290000:
> auth success for scheme digest and address /xx.xx.xx.xx:56798
> Reporter: prashanth reddy
> Priority: Major
> Attachments: zoo.cfg, zookeeper-jass.conf, zookeeper.service.txt
>
>
> Hi Team,
> I have configured DigestAuthenticationProvider as zookeeper auth provider in
> my environment to let only users configured in zookeeper-jass.conf to
> authenticate with zookeeper, but when I try to authenticate with a user not
> in zookeeper-jass.conf , it is able to authenticate successfully.
>
> Please find the attachment for configuration files used.
> Could someone please suggest?
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
