Rakesh R created ZOOKEEPER-2793:
-----------------------------------
Summary: [QP MutualAuth]: Build a mechanism to build "authzHosts"
for dynamic reconfig servers
Key: ZOOKEEPER-2793
URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2793
Project: ZooKeeper
Issue Type: Sub-task
Reporter: Rakesh R
{{QuorumServer}} will do the authorization checks against configured authorized
hosts. During LE, QuorumLearner will send an authentication packet to
QuorumServer. Now, QuorumServer will check that the connecting QuorumLearner’s
hostname exists in the authorized hosts. If not exists then connecting peer is
not authorized to join this ensemble and the request will be rejected
immediately.
In {{branch-3.4}} building {{authzHosts}} list is pretty straight forward, can
use the ensemble server details in zoo.cfg file. But with dynamic reconfig, it
has to consider the dynamic add/remove/update servers and need to discuss the
ways to handle dynamic cases.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
