[
https://issues.apache.org/jira/browse/KAFKA-1695?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14623053#comment-14623053
]
Parth Brahmbhatt commented on KAFKA-1695:
-----------------------------------------
[~gwenshap] I have upgraded zkClient to 0.5 however for existing clusters
trying to move to security the changes in 0.5 were not enough. I submitted a
patch to zkClient to set and get Acls for existing paths and it has been
committed to the trunk.
https://github.com/sgroschupf/zkclient/commit/c5d1dd2373eab343d606a0797d58664c0ee4781d.
ZkClient has not yet released a new version with that change so we will
probably have to wait for the next release but once that is done [~gwenshap] if
you don't mind I would like to take over this jira. I have already implemented
setting acls and authentication to zookeeper as part of authorizer work.
> Authenticate connection to Zookeeper
> ------------------------------------
>
> Key: KAFKA-1695
> URL: https://issues.apache.org/jira/browse/KAFKA-1695
> Project: Kafka
> Issue Type: Sub-task
> Components: security
> Reporter: Jay Kreps
> Assignee: Gwen Shapira
>
> We need to make it possible to secure the Zookeeper cluster Kafka is using.
> This would make use of the normal authentication ZooKeeper provides.
> ZooKeeper supports a variety of authentication mechanisms so we will need to
> figure out what has to be passed in to the zookeeper client.
> The intention is that when the current round of client work is done it should
> be possible to run without clients needing access to Zookeeper so all we need
> here is to make it so that only the Kafka cluster is able to read and write
> to the Kafka znodes (we shouldn't need to set any kind of acl on a per-znode
> basis).
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
