[ https://issues.apache.org/jira/browse/ZOOKEEPER-757?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Kapil Thangavelu updated ZOOKEEPER-757: --------------------------------------- Summary: zkpython acl/auth usage needs documentation + unit test (was: zkpython acl/auth usage broken) Description: I'm trying to use zookeeper via zkpython to set an acl on a node, and then test that acl, by attempting to access the node with identity configured in the acl. I've configured a super user, connect to zookeeper as the superuser, and then create a node an acl with the all permission and a digest scheme for a user. I then attempt to connect to zookeeper with as the user specified in the acl, however i find that i end up not being able to touch the node to perfom actoins like getChlidren without getting an unauthenticated exceptoin, perhaps even more oddly i can't access the node with the super user (passed in via system property on the cli via Dzookeeper.DigestAuthenticationProvider.superDigest). Any attempt to acces the node raises an exception zookeeper.NoAuthException: not authenticated i've attached a failing unit test patch against trunk. [update] patrick was able to point out that the issue was that the digest needed to be of both user and password, while i had been trying a password digest. I've updated the ticket to reflect the need for documenting this capability, and have attached a working unit test against trunk against for this functionality. was: I'm trying to use zookeeper via zkpython to set an acl on a node, and then test that acl, by attempting to access the node with identity configured in the acl. I've configured a super user, connect to zookeeper as the superuser, and then create a node an acl with the all permission and a digest scheme for a user. I then attempt to connect to zookeeper with as the user specified in the acl, however i find that i end up not being able to touch the node to perfom actoins like getChlidren without getting an unauthenticated exceptoin, perhaps even more oddly i can't access the node with the super user (passed in via system property on the cli via Dzookeeper.DigestAuthenticationProvider.superDigest). Any attempt to acces the node raises an exception zookeeper.NoAuthException: not authenticated i've attached a demonstration script that exhibits the problem, and a failing unit test patch against trunk. update to reflect that this issue is now primarily about documentation, and an additional unit test. > zkpython acl/auth usage needs documentation + unit test > ------------------------------------------------------- > > Key: ZOOKEEPER-757 > URL: https://issues.apache.org/jira/browse/ZOOKEEPER-757 > Project: Zookeeper > Issue Type: Bug > Components: contrib-bindings > Affects Versions: 3.3.0, 3.4.0 > Environment: ubuntu karmic / lucid ... sun jdk 1.6.0_20 > Reporter: Kapil Thangavelu > Attachments: patch-test-acl-verify.diff > > > I'm trying to use zookeeper via zkpython to set an acl on a node, and then > test that acl, by attempting to access the node with identity configured in > the acl. I've configured a super user, connect to zookeeper as the superuser, > and then create a node an acl with the all permission and a digest scheme for > a user. I then attempt to connect to zookeeper with as the user specified in > the acl, however i find that i end up not being able to touch the node to > perfom actoins like getChlidren without getting an unauthenticated exceptoin, > perhaps even more oddly i can't access the node with the super user (passed > in via system property on the cli via > Dzookeeper.DigestAuthenticationProvider.superDigest). Any attempt to acces > the node raises an exception > zookeeper.NoAuthException: not authenticated > i've attached a failing unit test patch against trunk. > [update] > patrick was able to point out that the issue was that the digest needed to be > of both user and password, while i had been trying a password digest. > I've updated the ticket to reflect the need for documenting this capability, > and have attached a working unit test against trunk against for this > functionality. > > -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.