I'm attempting to secure a zookeeper installation using zookeeper ACLs.
However, I'm finding that while Ids.OPEN_ACL_UNSAFE works great, my
attempts at using Ids.CREATOR_ALL_ACL are failing. Here's a code

public class ZooWrapper

1. Here I'm setting up my authentication. I've got an ACL list, and my
authentication strings.
    private final List<ACL> acl = new ArrayList<ACL>( 1 );
    private static final String authentication_type = "digest";
    private static final String authentication =

    public ZooWrapper( final String connection_string,
                       final String path,
                       final int connectiontimeout ) throws
2. Here I'm adding the acls

        // This works (creates nodes, sets data on nodes)
        for ( ACL ids_acl : Ids.OPEN_ACL_UNSAFE )
            acl.add( ids_acl);

NOTE:  This does not work (nodes are not created, cannot set data on
nodes b/c nodes do not exist)

//        for ( ACL ids_acl : Ids.CREATOR_ALL_ACL )
//        {
//            acl.add( ids_acl );
//        }

3. Finally, I create a new zookeeper instance and add my authorization
info to it.
     zoo = new ZooKeeper( connection_string, connectiontimeout, this );
     zoo.addAuthInfo( authentication_type, authentication.getBytes() )

4. Later, I try to write some data into zookeeper by first creating the
node, and then calling setdata...
      zoo.create( path, new byte[0], acl, CreateMode.PERSISTENT );

      zoo.setData( path, bytes, -1 )

As I mentioned above, when I add Ids.OPEN_ACL_UNSAFE to acl, then both
the create and setData succeed. However, when I use Ids.CREATOR_ALL_ACL,
then the nodes are not created. Am I missing something obvious w/
respect to configuring ACLs?

I've used the following references:





Reply via email to