[ https://issues.apache.org/jira/browse/ZOOKEEPER-2569?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15507619#comment-15507619 ]
Arshad Mohammad edited comment on ZOOKEEPER-2569 at 9/20/16 7:57 PM: --------------------------------------------------------------------- This is not a problem. bq. \[zk: localhost:2181(CONNECTED) 14\] setAcl /newNode digest:user:pass:crdwa This step is wrong. To authorize user:pass id you should set the acl as {{setAcl /newNode digest:user:smGaoVKd/cQkjm7b88GyorAUz20=:crdwa}}. So there is no plain password here. was (Author: arshad.mohammad): This is not a prolem. bq. \[zk: localhost:2181(CONNECTED) 14\] setAcl /newNode digest:user:pass:crdwa This step is wrong. To authorize user:pass id you should set the acl as {{setAcl /newNode digest:user:smGaoVKd/cQkjm7b88GyorAUz20=:crdwa}}. So there is no plain password here. > plain password is stored when set individual ACL using digest scheme > -------------------------------------------------------------------- > > Key: ZOOKEEPER-2569 > URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2569 > Project: ZooKeeper > Issue Type: Bug > Components: security > Affects Versions: 3.5.1 > Reporter: Rakesh Kumar Singh > > Plain password is stored when set individual ACL using digest scheme instead > of storing the username and encoded hash string of <username:password> > [zk: localhost:2181(CONNECTED) 13] addauth digest user:pass > [zk: localhost:2181(CONNECTED) 14] setAcl /newNode digest:user:pass:crdwa > [zk: localhost:2181(CONNECTED) 15] getAcl /newNode > 'digest,'user:pass > : cdrwa > [zk: localhost:2181(CONNECTED) 16] -- This message was sent by Atlassian JIRA (v6.3.4#6332)