Uploaded image for project: 'ZooKeeper'
  1. ZooKeeper
  2. ZOOKEEPER-1764

ZooKeeper attempts at SASL eventhough it shouldn't

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Implemented
    • Affects Version/s: 3.4.4
    • Fix Version/s: 3.4.6
    • Component/s: java client
    • Labels:
      None

      Description

      We are using a proprietary SASL solution, but we don't want to use it with ZooKeeper. Unfortunately it seems, that there is no way to disable SASL for ZooKeeper as the code only checks for presence of "java.security.auth.login.config" system property to determine whether SASL should be used or not.
      For us it means, that ZooKeeper client just shuts down after SASL is initialized. What happens:

      1) System.getProperty("java.security.auth.login.config") is initially null
      2) ZooKeeper is initialized and used
      3) Our JAAS/SASL component is initialized
      4) System.getProperty("java.security.auth.login.config") is not null anymore
      5) ZooKeeperSaslClient.clientTunneledAuthenticationInProgress() suddenly picks up the new property and starts returning true
      6) ClientCnxnSocketNIO.findSendablePacket() suddenly stops returning any packets since clientTunneledAuthenticationInProgress is always true

      The communication is halted and eventually times out.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                merunka Kuba Skopal
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: