Andrei Savu updated ZOOKEEPER-809:

    Attachment: ZOOKEEPER-809.patch

In this patch I've added:
* a bunch of classes for parsing the configuration file
* per context HTTP Digest authentication settings 
* per context ZooKeeper digest authentication settings
* support for chroot when parsing the hostPort string

By using these features you can easily create secure channels from your 
application to ZooKeeper ( HTTPS + Digest Authentication + ZK Auth + chroot). 
It doesn't support the whole API but it should be really useful for 
configuration management. 

Working on:
* support for ACLs: read and update
* per session ZooKeeper authentication 

Sample config for a channel:

rest.port = 9998

rest.endpoint.1 = /channel;localhost:2181,localhost:2182,localhost:2183/app
rest.endpoint.1.http.auth = user:pass,user2:pass2
rest.endpoint.1.zk.digest = appuser:pass

.. you should also enable SSL because the browser sends the password as plain 

rest.ssl = true
rest.ssl.jks = keys/rest.jks
rest.ssl.jks.pass = 123456

> Improved REST Interface
> -----------------------
>                 Key: ZOOKEEPER-809
>                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-809
>             Project: Zookeeper
>          Issue Type: Improvement
>          Components: contrib
>            Reporter: Andrei Savu
>            Assignee: Andrei Savu
>         Attachments: SPEC.txt, SPEC.txt, ZOOKEEPER-809.patch, 
> ZOOKEEPER-809.patch, ZOOKEEPER-809.patch, ZOOKEEPER-809.patch
> I would like to extend the existing REST Interface to also support:
> * configuration
> * ephemeral znodes
> * watches - PubSubHubbub 
> * ACLs 
> * basic authentication
> I want to do this because when building web applications that talks directly 
> to ZooKeeper a REST API it's a lot easier to use (there is no protocol 
> mismatch) than an API that uses persistent connections. I plan to use the 
> improved version to build a web-based administrative interface. 

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

Reply via email to