Uploaded image for project: 'ZooKeeper'
  1. ZooKeeper
  2. ZOOKEEPER-1497

Allow server-side SASL login with JAAS configuration to be programmatically set (rather than only by reading JAAS configuration file)

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • 3.4.3, 3.5.0
    • 3.4.4, 3.5.0
    • server
    • Reviewed

    Description

      Currently the CnxnFactory checks for "java.security.auth.login.config" to decide whether or not enable SASL.

      • zookeeper/server/NIOServerCnxnFactory.java
      • zookeeper/server/NettyServerCnxnFactory.java
        • configure() checks for "java.security.auth.login.config"
          • If present start the new Login("Server", SaslServerCallbackHandler(conf))

      But since the SaslServerCallbackHandler does the right thing just checking if getAppConfigurationEntry() is empty, we can allow SASL with JAAS configuration to be programmatically just checking weather or not a configuration entry is present instead of "java.security.auth.login.config".
      (Something quite similar was done for the SaslClient in ZOOKEEPER-1373)

      Attachments

        1. ZOOKEEPER-1497-v5.patch
          21 kB
          Matteo Bertozzi
        2. ZOOKEEPER-1497-v4.patch
          20 kB
          Matteo Bertozzi
        3. ZOOKEEPER-1497-v3.patch
          15 kB
          Matteo Bertozzi
        4. ZOOKEEPER-1497-v2.patch
          14 kB
          Matteo Bertozzi
        5. ZOOKEEPER-1497-v1.patch
          8 kB
          Matteo Bertozzi

        Issue Links

          Activity

            People

              mbertozzi Matteo Bertozzi
              mbertozzi Matteo Bertozzi
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: