[ https://issues.apache.org/jira/browse/ZOOKEEPER-2793?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16208025#comment-16208025 ]
Rakesh R commented on ZOOKEEPER-2793: ------------------------------------- Below is the proposal to add the {{authorized_hosts}} information to the ZK ensemble. # Introduce reserved path : {{/zookeeper/authorized_hosts}}, which will store the host details like {{"host1,host2,host3"}}. Before invoking the #reconfig call the authorized_hosts has to be updated with the newly joining hosts Validation logic will use these pre-authorized hosts and reject any host which doesn't exists in this list. # Admin can update the authorized_hosts via ZooKeeper.setData("/zookeeper/authorized_hosts", ...) // user can call existing set/get/delete client APIs. # Expose zkCli.sh commands for better user experience, - setAuthorizedHosts host1,host2 - listAuthorizedHosts - delAuthorizedHosts host1,host2 [~phunt], IIRC, the above idea is same as we discussed some time back. Please feel free to edit if I missed anything. Thanks! > [QP MutualAuth]: Build a mechanism to build "authzHosts" for dynamic reconfig > servers > ------------------------------------------------------------------------------------- > > Key: ZOOKEEPER-2793 > URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2793 > Project: ZooKeeper > Issue Type: Sub-task > Components: quorum, security > Reporter: Rakesh R > Fix For: 3.5.4, 3.6.0 > > > {{QuorumServer}} will do the authorization checks against configured > authorized hosts. During LE, QuorumLearner will send an authentication packet > to QuorumServer. Now, QuorumServer will check that the connecting > QuorumLearner’s hostname exists in the authorized hosts. If not exists then > connecting peer is not authorized to join this ensemble and the request will > be rejected immediately. > In {{branch-3.4}} building {{authzHosts}} list is pretty straight forward, > can use the ensemble server details in zoo.cfg file. But with dynamic > reconfig, it has to consider the dynamic add/remove/update servers and need > to discuss the ways to handle dynamic cases. -- This message was sent by Atlassian JIRA (v6.4.14#64029)