Description
Zookeeper authentication and authorization would help improve Giraph security. A Giraph job's interaction with Zookeeper happens within a job-unique Zookeeper directory. This Zookeeper directory should be secured against unauthorized access.
Zookeeper provides security through per-user authorization and SASL authentication. We should have Giraph jobs use SASL to authenticate themselves with Zookeeper and, upon authentication, set appropriate permissions on the Zookeeper job directory.
Attachments
Issue Links
- depends upon
-
ZOOKEEPER-938 Support Kerberos authentication of clients.
- Closed
- relates to
-
GIRAPH-211 Add secure authentication to Netty IPC
- Resolved