[BOOKKEEPER-390] Provide support for ZooKeeper authentication - ASF JIRA

XML

Word

Printable

JSON

Details

Type: New Feature
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 4.0.0
Fix Version/s: 4.5.0
Component/s: bookkeeper-client, bookkeeper-server
Labels:
None

Description

This JIRA adds support for protecting the state of Bookkeeper znodes on a multi-tenant ZooKeeper cluster.

Use case: When user tries to run a ZK cluster in multitenant mode, where more than one client service would like to share a single ZK service instance (cluster). In this case the client services typically want to protect their data (ZK znodes) from access by other services (tenants) on the cluster. Say you are running BK, HBase or ZKFC instances, etc... having authentication/authorization on the znodes is important for both security and helping to ensure that services don't interact negatively (touch each other's data).
Presently Bookkeeper does not have support for authentication or authorization while accessing to ZK. This should be added to the BK clients/server that are accessing the ZK cluster. In general it means calling addAuthInfo once after a session is established

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

BOOKKEEPER-390-Authentication-interfaces-draftversion.patch
11/May/13 19:16
10 kB
Rakesh Radhakrishnan
BOOKKEEPER-390-Acl-draftversion.patch
13/Sep/12 09:25
45 kB
Rakesh Radhakrishnan

Issue Links

is related to

BOOKKEEPER-631 RequestProcessor Proposal

Resolved

BOOKKEEPER-969 Security Support

Resolved

links to

GitHub Pull Request #76

mentioned in: Page Loading...

Sub-Tasks

Create documentation for ZooKeeper ACLs

Resolved

Enrico Olivelli

Activity

People

Assignee:: Enrico Olivelli

Reporter:: Rakesh Radhakrishnan

Votes:: 0 Vote for this issue

Watchers:: 11 Start watching this issue

Dates

Created:: 04/Sep/12 17:00

Updated:: 29/Mar/17 14:17

Resolved:: 28/Mar/17 20:40