[jira] [Commented] (ZOOKEEPER-1467) Make server principal configurable at client side.
[
https://issues.apache.org/jira/browse/ZOOKEEPER-1467?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16950775#comment-16950775
]
Mohammad Arshad commented on ZOOKEEPER-1467:
Thanks [~sujithsimon22] for the interest, added you as contributor, welcome to
ZooKeeper
> Make server principal configurable at client side.
> --
>
> Key: ZOOKEEPER-1467
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-1467
> Project: ZooKeeper
> Issue Type: Improvement
> Components: java client
>Affects Versions: 3.4.3, 3.4.4, 3.5.0
>Reporter: Laxman
>Assignee: Eugene Joseph Koontz
>Priority: Major
> Labels: Security, client, kerberos, pull-request-available, sasl
> Fix For: 3.6.0, 3.5.7
>
> Attachments: ZOOKEEPER-1467.patch, ZOOKEEPER-1467.patch
>
> Time Spent: 2h 20m
> Remaining Estimate: 0h
>
> Server principal on client side is derived using hostname.
> org.apache.zookeeper.ClientCnxn.SendThread.startConnect()
> {code}
>try {
> zooKeeperSaslClient = new
> ZooKeeperSaslClient("zookeeper/"+addr.getHostName());
> }
> {code}
> This may have problems when admin wanted some customized principals like
> zookeeper/cluste...@hadoop.com where clusterid is the cluster identifier but
> not the host name.
> IMO, server principal also should be configurable as hadoop is doing.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[jira] [Commented] (ZOOKEEPER-1467) Make server principal configurable at client side.
[
https://issues.apache.org/jira/browse/ZOOKEEPER-1467?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16941699#comment-16941699
]
Sujith Simon commented on ZOOKEEPER-1467:
-
Can someone pls add me into the contributor list ? Thanks
> Make server principal configurable at client side.
> --
>
> Key: ZOOKEEPER-1467
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-1467
> Project: ZooKeeper
> Issue Type: Improvement
> Components: java client
>Affects Versions: 3.4.3, 3.4.4, 3.5.0
>Reporter: Laxman
>Assignee: Eugene Joseph Koontz
>Priority: Major
> Labels: Security, client, kerberos, pull-request-available, sasl
> Fix For: 3.6.0, 3.5.7
>
> Attachments: ZOOKEEPER-1467.patch, ZOOKEEPER-1467.patch
>
> Time Spent: 2h 20m
> Remaining Estimate: 0h
>
> Server principal on client side is derived using hostname.
> org.apache.zookeeper.ClientCnxn.SendThread.startConnect()
> {code}
>try {
> zooKeeperSaslClient = new
> ZooKeeperSaslClient("zookeeper/"+addr.getHostName());
> }
> {code}
> This may have problems when admin wanted some customized principals like
> zookeeper/cluste...@hadoop.com where clusterid is the cluster identifier but
> not the host name.
> IMO, server principal also should be configurable as hadoop is doing.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[jira] [Commented] (ZOOKEEPER-1467) Make server principal configurable at client side.
[
https://issues.apache.org/jira/browse/ZOOKEEPER-1467?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16941611#comment-16941611
]
Mohammad Arshad commented on ZOOKEEPER-1467:
Thank [~sujithsimon22] for the contribution.
Thanks [~eolivelli], [~enixon] for the reviews.
> Make server principal configurable at client side.
> --
>
> Key: ZOOKEEPER-1467
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-1467
> Project: ZooKeeper
> Issue Type: Improvement
> Components: java client
>Affects Versions: 3.4.3, 3.4.4, 3.5.0
>Reporter: Laxman
>Assignee: Eugene Joseph Koontz
>Priority: Major
> Labels: Security, client, kerberos, pull-request-available, sasl
> Fix For: 3.6.0, 3.5.7
>
> Attachments: ZOOKEEPER-1467.patch, ZOOKEEPER-1467.patch
>
> Time Spent: 2h 10m
> Remaining Estimate: 0h
>
> Server principal on client side is derived using hostname.
> org.apache.zookeeper.ClientCnxn.SendThread.startConnect()
> {code}
>try {
> zooKeeperSaslClient = new
> ZooKeeperSaslClient("zookeeper/"+addr.getHostName());
> }
> {code}
> This may have problems when admin wanted some customized principals like
> zookeeper/cluste...@hadoop.com where clusterid is the cluster identifier but
> not the host name.
> IMO, server principal also should be configurable as hadoop is doing.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[jira] [Commented] (ZOOKEEPER-1467) Make server principal configurable at client side.
[
https://issues.apache.org/jira/browse/ZOOKEEPER-1467?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16941606#comment-16941606
]
Mohammad Arshad commented on ZOOKEEPER-1467:
[~beeflyme] if you disagree with [~sujithsimon22], please create new jira we
can discuss there whether we can fetch server principal from server itself.
> Make server principal configurable at client side.
> --
>
> Key: ZOOKEEPER-1467
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-1467
> Project: ZooKeeper
> Issue Type: Improvement
> Components: java client
>Affects Versions: 3.4.3, 3.4.4, 3.5.0
>Reporter: Laxman
>Assignee: Eugene Joseph Koontz
>Priority: Major
> Labels: Security, client, kerberos, pull-request-available, sasl
> Fix For: 3.6.0, 3.5.7
>
> Attachments: ZOOKEEPER-1467.patch, ZOOKEEPER-1467.patch
>
> Time Spent: 2h 10m
> Remaining Estimate: 0h
>
> Server principal on client side is derived using hostname.
> org.apache.zookeeper.ClientCnxn.SendThread.startConnect()
> {code}
>try {
> zooKeeperSaslClient = new
> ZooKeeperSaslClient("zookeeper/"+addr.getHostName());
> }
> {code}
> This may have problems when admin wanted some customized principals like
> zookeeper/cluste...@hadoop.com where clusterid is the cluster identifier but
> not the host name.
> IMO, server principal also should be configurable as hadoop is doing.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[jira] [Commented] (ZOOKEEPER-1467) Make server principal configurable at client side.
[
https://issues.apache.org/jira/browse/ZOOKEEPER-1467?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16941418#comment-16941418
]
Hudson commented on ZOOKEEPER-1467:
---
SUCCESS: Integrated in Jenkins build Zookeeper-trunk-single-thread #556 (See
[https://builds.apache.org/job/Zookeeper-trunk-single-thread/556/])
ZOOKEEPER-1467: Make server principal configurable at client side. (arshad: rev
0d7be16b86830f4bacc4fea9389e0dff760d38e0)
* (edit)
zookeeper-server/src/test/java/org/apache/zookeeper/ClientCanonicalizeTest.java
* (edit)
zookeeper-server/src/main/java/org/apache/zookeeper/util/SecurityUtils.java
* (edit)
zookeeper-server/src/main/java/org/apache/zookeeper/SaslServerPrincipal.java
* (edit) zookeeper-docs/src/main/resources/markdown/zookeeperProgrammers.md
* (edit)
zookeeper-server/src/main/java/org/apache/zookeeper/client/ZKClientConfig.java
> Make server principal configurable at client side.
> --
>
> Key: ZOOKEEPER-1467
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-1467
> Project: ZooKeeper
> Issue Type: Improvement
> Components: java client
>Affects Versions: 3.4.3, 3.4.4, 3.5.0
>Reporter: Laxman
>Assignee: Eugene Joseph Koontz
>Priority: Major
> Labels: Security, client, kerberos, pull-request-available, sasl
> Fix For: 3.6.0, 3.5.7
>
> Attachments: ZOOKEEPER-1467.patch, ZOOKEEPER-1467.patch
>
> Time Spent: 1h 20m
> Remaining Estimate: 0h
>
> Server principal on client side is derived using hostname.
> org.apache.zookeeper.ClientCnxn.SendThread.startConnect()
> {code}
>try {
> zooKeeperSaslClient = new
> ZooKeeperSaslClient("zookeeper/"+addr.getHostName());
> }
> {code}
> This may have problems when admin wanted some customized principals like
> zookeeper/cluste...@hadoop.com where clusterid is the cluster identifier but
> not the host name.
> IMO, server principal also should be configurable as hadoop is doing.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[jira] [Commented] (ZOOKEEPER-1467) Make server principal configurable at client side.
[
https://issues.apache.org/jira/browse/ZOOKEEPER-1467?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16941361#comment-16941361
]
Hudson commented on ZOOKEEPER-1467:
---
SUCCESS: Integrated in Jenkins build ZooKeeper-trunk #718 (See
[https://builds.apache.org/job/ZooKeeper-trunk/718/])
ZOOKEEPER-1467: Make server principal configurable at client side. (arshad: rev
0d7be16b86830f4bacc4fea9389e0dff760d38e0)
* (edit) zookeeper-docs/src/main/resources/markdown/zookeeperProgrammers.md
* (edit)
zookeeper-server/src/main/java/org/apache/zookeeper/util/SecurityUtils.java
* (edit)
zookeeper-server/src/main/java/org/apache/zookeeper/SaslServerPrincipal.java
* (edit)
zookeeper-server/src/main/java/org/apache/zookeeper/client/ZKClientConfig.java
* (edit)
zookeeper-server/src/test/java/org/apache/zookeeper/ClientCanonicalizeTest.java
> Make server principal configurable at client side.
> --
>
> Key: ZOOKEEPER-1467
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-1467
> Project: ZooKeeper
> Issue Type: Improvement
> Components: java client
>Affects Versions: 3.4.3, 3.4.4, 3.5.0
>Reporter: Laxman
>Assignee: Eugene Joseph Koontz
>Priority: Major
> Labels: Security, client, kerberos, pull-request-available, sasl
> Fix For: 3.6.0, 3.5.7
>
> Attachments: ZOOKEEPER-1467.patch, ZOOKEEPER-1467.patch
>
> Time Spent: 1h 20m
> Remaining Estimate: 0h
>
> Server principal on client side is derived using hostname.
> org.apache.zookeeper.ClientCnxn.SendThread.startConnect()
> {code}
>try {
> zooKeeperSaslClient = new
> ZooKeeperSaslClient("zookeeper/"+addr.getHostName());
> }
> {code}
> This may have problems when admin wanted some customized principals like
> zookeeper/cluste...@hadoop.com where clusterid is the cluster identifier but
> not the host name.
> IMO, server principal also should be configurable as hadoop is doing.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
