Hi We use ZK 3.4.13, and unfortunately cannot use Netty transport and SSL. We plan to use digest authentication and Zookeeper ACL protection.
Question is, since we cannot use SSL, is there some other way to make sure the user credentials are not sniffed over the network and thus let an attacker impersonate our application and cange the content in Zookeeper? Does the Zookeeper client do some smart moves to protect/hash the password over the network? I suppose the binary transport is easy to decipher for those who try. -- Jan Høydahl Cominvent AS - www.cominvent.com
