GitHub user craz186 opened a pull request:
https://github.com/apache/zookeeper/pull/457
ZOOKEEPER-1534: ZookeeperServer now returns AuthFailed events for SASL cred
failures
ZookeeperServer previously closed client connections instead of returning
AuthFailed events for SASL authentication failures.
This PR changes the Zookeeper Server to return an AuthFailed event and then
afterwards closes the connection.
I am unsure of the standard for SetSaslResponses and would appreciate any
feedback as to how to represent a failed Authentication through SetSaslResponse
objects. Currently I am just returning a string.
Note: The unit test I've supplied will only work with a real ZKServer, it
seems that the testing server hides this bug and I've been unable to reproduce
with the Testing Server.
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/craz186/zookeeper ZOOKEEPER-1534
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/zookeeper/pull/457.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #457
----
commit add6963b8e62f3ccdaf80f1a02428544c3a105d8
Author: sean.gibbons <sean.gibbons@...>
Date: 2018-02-05T16:09:59Z
ZOOKEEPER-1534: ZookeeperServer now returns AuthFailed events instead of
closing client connection when SASL authentication uses invalid credentials,
added unit test to demonstrate
----
---
