[jira] [Commented] (ZOOKEEPER-1467) Make server principal configurable at client side.
[ https://issues.apache.org/jira/browse/ZOOKEEPER-1467?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16950775#comment-16950775 ] Mohammad Arshad commented on ZOOKEEPER-1467: Thanks [~sujithsimon22] for the interest, added you as contributor, welcome to ZooKeeper > Make server principal configurable at client side. > -- > > Key: ZOOKEEPER-1467 > URL: https://issues.apache.org/jira/browse/ZOOKEEPER-1467 > Project: ZooKeeper > Issue Type: Improvement > Components: java client >Affects Versions: 3.4.3, 3.4.4, 3.5.0 >Reporter: Laxman >Assignee: Eugene Joseph Koontz >Priority: Major > Labels: Security, client, kerberos, pull-request-available, sasl > Fix For: 3.6.0, 3.5.7 > > Attachments: ZOOKEEPER-1467.patch, ZOOKEEPER-1467.patch > > Time Spent: 2h 20m > Remaining Estimate: 0h > > Server principal on client side is derived using hostname. > org.apache.zookeeper.ClientCnxn.SendThread.startConnect() > {code} >try { > zooKeeperSaslClient = new > ZooKeeperSaslClient("zookeeper/"+addr.getHostName()); > } > {code} > This may have problems when admin wanted some customized principals like > zookeeper/cluste...@hadoop.com where clusterid is the cluster identifier but > not the host name. > IMO, server principal also should be configurable as hadoop is doing. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (ZOOKEEPER-1467) Make server principal configurable at client side.
[ https://issues.apache.org/jira/browse/ZOOKEEPER-1467?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16941699#comment-16941699 ] Sujith Simon commented on ZOOKEEPER-1467: - Can someone pls add me into the contributor list ? Thanks > Make server principal configurable at client side. > -- > > Key: ZOOKEEPER-1467 > URL: https://issues.apache.org/jira/browse/ZOOKEEPER-1467 > Project: ZooKeeper > Issue Type: Improvement > Components: java client >Affects Versions: 3.4.3, 3.4.4, 3.5.0 >Reporter: Laxman >Assignee: Eugene Joseph Koontz >Priority: Major > Labels: Security, client, kerberos, pull-request-available, sasl > Fix For: 3.6.0, 3.5.7 > > Attachments: ZOOKEEPER-1467.patch, ZOOKEEPER-1467.patch > > Time Spent: 2h 20m > Remaining Estimate: 0h > > Server principal on client side is derived using hostname. > org.apache.zookeeper.ClientCnxn.SendThread.startConnect() > {code} >try { > zooKeeperSaslClient = new > ZooKeeperSaslClient("zookeeper/"+addr.getHostName()); > } > {code} > This may have problems when admin wanted some customized principals like > zookeeper/cluste...@hadoop.com where clusterid is the cluster identifier but > not the host name. > IMO, server principal also should be configurable as hadoop is doing. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (ZOOKEEPER-1467) Make server principal configurable at client side.
[ https://issues.apache.org/jira/browse/ZOOKEEPER-1467?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16941611#comment-16941611 ] Mohammad Arshad commented on ZOOKEEPER-1467: Thank [~sujithsimon22] for the contribution. Thanks [~eolivelli], [~enixon] for the reviews. > Make server principal configurable at client side. > -- > > Key: ZOOKEEPER-1467 > URL: https://issues.apache.org/jira/browse/ZOOKEEPER-1467 > Project: ZooKeeper > Issue Type: Improvement > Components: java client >Affects Versions: 3.4.3, 3.4.4, 3.5.0 >Reporter: Laxman >Assignee: Eugene Joseph Koontz >Priority: Major > Labels: Security, client, kerberos, pull-request-available, sasl > Fix For: 3.6.0, 3.5.7 > > Attachments: ZOOKEEPER-1467.patch, ZOOKEEPER-1467.patch > > Time Spent: 2h 10m > Remaining Estimate: 0h > > Server principal on client side is derived using hostname. > org.apache.zookeeper.ClientCnxn.SendThread.startConnect() > {code} >try { > zooKeeperSaslClient = new > ZooKeeperSaslClient("zookeeper/"+addr.getHostName()); > } > {code} > This may have problems when admin wanted some customized principals like > zookeeper/cluste...@hadoop.com where clusterid is the cluster identifier but > not the host name. > IMO, server principal also should be configurable as hadoop is doing. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (ZOOKEEPER-1467) Make server principal configurable at client side.
[ https://issues.apache.org/jira/browse/ZOOKEEPER-1467?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16941606#comment-16941606 ] Mohammad Arshad commented on ZOOKEEPER-1467: [~beeflyme] if you disagree with [~sujithsimon22], please create new jira we can discuss there whether we can fetch server principal from server itself. > Make server principal configurable at client side. > -- > > Key: ZOOKEEPER-1467 > URL: https://issues.apache.org/jira/browse/ZOOKEEPER-1467 > Project: ZooKeeper > Issue Type: Improvement > Components: java client >Affects Versions: 3.4.3, 3.4.4, 3.5.0 >Reporter: Laxman >Assignee: Eugene Joseph Koontz >Priority: Major > Labels: Security, client, kerberos, pull-request-available, sasl > Fix For: 3.6.0, 3.5.7 > > Attachments: ZOOKEEPER-1467.patch, ZOOKEEPER-1467.patch > > Time Spent: 2h 10m > Remaining Estimate: 0h > > Server principal on client side is derived using hostname. > org.apache.zookeeper.ClientCnxn.SendThread.startConnect() > {code} >try { > zooKeeperSaslClient = new > ZooKeeperSaslClient("zookeeper/"+addr.getHostName()); > } > {code} > This may have problems when admin wanted some customized principals like > zookeeper/cluste...@hadoop.com where clusterid is the cluster identifier but > not the host name. > IMO, server principal also should be configurable as hadoop is doing. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (ZOOKEEPER-1467) Make server principal configurable at client side.
[ https://issues.apache.org/jira/browse/ZOOKEEPER-1467?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16941418#comment-16941418 ] Hudson commented on ZOOKEEPER-1467: --- SUCCESS: Integrated in Jenkins build Zookeeper-trunk-single-thread #556 (See [https://builds.apache.org/job/Zookeeper-trunk-single-thread/556/]) ZOOKEEPER-1467: Make server principal configurable at client side. (arshad: rev 0d7be16b86830f4bacc4fea9389e0dff760d38e0) * (edit) zookeeper-server/src/test/java/org/apache/zookeeper/ClientCanonicalizeTest.java * (edit) zookeeper-server/src/main/java/org/apache/zookeeper/util/SecurityUtils.java * (edit) zookeeper-server/src/main/java/org/apache/zookeeper/SaslServerPrincipal.java * (edit) zookeeper-docs/src/main/resources/markdown/zookeeperProgrammers.md * (edit) zookeeper-server/src/main/java/org/apache/zookeeper/client/ZKClientConfig.java > Make server principal configurable at client side. > -- > > Key: ZOOKEEPER-1467 > URL: https://issues.apache.org/jira/browse/ZOOKEEPER-1467 > Project: ZooKeeper > Issue Type: Improvement > Components: java client >Affects Versions: 3.4.3, 3.4.4, 3.5.0 >Reporter: Laxman >Assignee: Eugene Joseph Koontz >Priority: Major > Labels: Security, client, kerberos, pull-request-available, sasl > Fix For: 3.6.0, 3.5.7 > > Attachments: ZOOKEEPER-1467.patch, ZOOKEEPER-1467.patch > > Time Spent: 1h 20m > Remaining Estimate: 0h > > Server principal on client side is derived using hostname. > org.apache.zookeeper.ClientCnxn.SendThread.startConnect() > {code} >try { > zooKeeperSaslClient = new > ZooKeeperSaslClient("zookeeper/"+addr.getHostName()); > } > {code} > This may have problems when admin wanted some customized principals like > zookeeper/cluste...@hadoop.com where clusterid is the cluster identifier but > not the host name. > IMO, server principal also should be configurable as hadoop is doing. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (ZOOKEEPER-1467) Make server principal configurable at client side.
[ https://issues.apache.org/jira/browse/ZOOKEEPER-1467?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16941361#comment-16941361 ] Hudson commented on ZOOKEEPER-1467: --- SUCCESS: Integrated in Jenkins build ZooKeeper-trunk #718 (See [https://builds.apache.org/job/ZooKeeper-trunk/718/]) ZOOKEEPER-1467: Make server principal configurable at client side. (arshad: rev 0d7be16b86830f4bacc4fea9389e0dff760d38e0) * (edit) zookeeper-docs/src/main/resources/markdown/zookeeperProgrammers.md * (edit) zookeeper-server/src/main/java/org/apache/zookeeper/util/SecurityUtils.java * (edit) zookeeper-server/src/main/java/org/apache/zookeeper/SaslServerPrincipal.java * (edit) zookeeper-server/src/main/java/org/apache/zookeeper/client/ZKClientConfig.java * (edit) zookeeper-server/src/test/java/org/apache/zookeeper/ClientCanonicalizeTest.java > Make server principal configurable at client side. > -- > > Key: ZOOKEEPER-1467 > URL: https://issues.apache.org/jira/browse/ZOOKEEPER-1467 > Project: ZooKeeper > Issue Type: Improvement > Components: java client >Affects Versions: 3.4.3, 3.4.4, 3.5.0 >Reporter: Laxman >Assignee: Eugene Joseph Koontz >Priority: Major > Labels: Security, client, kerberos, pull-request-available, sasl > Fix For: 3.6.0, 3.5.7 > > Attachments: ZOOKEEPER-1467.patch, ZOOKEEPER-1467.patch > > Time Spent: 1h 20m > Remaining Estimate: 0h > > Server principal on client side is derived using hostname. > org.apache.zookeeper.ClientCnxn.SendThread.startConnect() > {code} >try { > zooKeeperSaslClient = new > ZooKeeperSaslClient("zookeeper/"+addr.getHostName()); > } > {code} > This may have problems when admin wanted some customized principals like > zookeeper/cluste...@hadoop.com where clusterid is the cluster identifier but > not the host name. > IMO, server principal also should be configurable as hadoop is doing. -- This message was sent by Atlassian Jira (v8.3.4#803005)