Il giorno lun 13 gen 2020 alle ore 11:06 shrikant kalani < shrikantkal...@gmail.com> ha scritto:
> Enrico , > > Do you have some examples to show. > I am sorry, personally I don't examples, I am not a direct user of this feature. I hope others on the list can give practical examples You can check the guide here https://cwiki.apache.org/confluence/display/ZOOKEEPER/ZooKeeper+SSL+User+Guide Enrico > > Right now my user is authenticated based on host level certs. How should > I add the scheme and then add authorisation rule ? > > Thanks > Srikant Kalani > > Sent from Mail for Windows 10 > > From: Enrico Olivelli > Sent: 11 January 2020 21:05 > To: UserZooKeeper > Subject: Re: Authorisation in Zookeeper > > Il giorno sab 11 gen 2020 alle ore 09:31 shrikant kalani < > shrikantkal...@gmail.com> ha scritto: > > > > > My system account means a client process running with unix user id. > > > > I want user A to have full access while all other users should only read > > data from znodes. > > > > Yes ACLs are your way to go > > Enrico > > > > > > Thanks > > Srikant Kalani > > Sent from my iPhone > > > > > On 11 Jan 2020, at 2:20 PM, Enrico Olivelli <eolive...@gmail.com> > wrote: > > > > > > Srikant > > > > > > Il sab 11 gen 2020, 03:48 shrikant kalani <shrikantkal...@gmail.com> > ha > > > scritto: > > > > > >> Hi Zookeeper Users > > >> > > >> I have implemented TLS authentication in my cluster. Right now the > > >> authentication is done based on host name (X509). > > >> > > >> Now I want to implement authorisation based on user I’d like only my > > >> system account should be able to read write data to znodes. > > >> > > > > > > Can you define 'my system account'? > > > Is your goal that only authenticated users are able to access data? > > > > > > > > > Enrico > > > > > >> > > >> How I can do that ? Is ACLs is the only solution ? > > >> > > >> Thanks > > >> Srikant Kalani > > >> > > >> Sent from my iPhone > > > >