ZooKeeper
  1. ZooKeeper
  2. ZOOKEEPER-1195

SASL authorizedID being incorrectly set: should use getHostName() rather than getServiceName()

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 3.4.0
    • Fix Version/s: 3.4.0
    • Component/s: None
    • Labels:
      None
    • Release Note:
      One-line fix for bug identified by Tom Klonikowski

      Description

      Tom Klonikowski writes:

      Hello developers,

      the SaslServerCallbackHandler in trunk changes the principal name
      service/host@REALM to service/service@REALM (i guess unintentionally).

      lines 131-133:
      if (!removeHost() && (kerberosName.getHostName() != null))

      { userName += "/" + kerberosName.getServiceName(); }

      Server Log:

      SaslServerCallbackHandler@115] - Successfully authenticated client:
      authenticationID=fetcher/ubook@QUINZOO;
      authorizationID=fetcher/ubook@QUINZOO.

      SaslServerCallbackHandler@137] - Setting authorizedID:
      fetcher/fetcher@QUINZOO

      1. SaslAuthNamingTest.java
        4 kB
        Tom Klonikowski
      2. ZOOKEEPER-1195.patch
        1 kB
        Eugene Koontz

        Issue Links

          Activity

            People

            • Assignee:
              Eugene Koontz
              Reporter:
              Eugene Koontz
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development