[
https://issues.apache.org/jira/browse/KNOX-1129?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Phil Zampino updated KNOX-1129:
-------------------------------
Attachment: KNOX-1129-002.patch
Attached KNOX-1129-002.patch to address merge with master issue.
> Remote Configuration Monitor Should Define The Entries It Monitors If They're
> Not Yet Defined
> ---------------------------------------------------------------------------------------------
>
> Key: KNOX-1129
> URL: https://issues.apache.org/jira/browse/KNOX-1129
> Project: Apache Knox
> Issue Type: Bug
> Components: Server
> Affects Versions: 0.14.0
> Reporter: Phil Zampino
> Assignee: Phil Zampino
> Labels: kip-8
> Fix For: 0.14.0
>
> Attachments: KNOX-1129-001.patch, KNOX-1129-002.patch, KNOX-1129.patch
>
>
> Currently, if the remote configuration monitor finds that the
> /knox/config/shared-providers and/or /knox/config/descriptors entries (e.g.,
> znodes) are not present (or are otherwise inaccessible), it determines that
> it cannot function, and it ceases any attempt at monitoring.
> For those cases where the entries do not yet exist, the monitor can define
> them. If the client employed by the monitor does not require authentication,
> then the new entries will be created without any meaningful ACLs applied. If
> the client has been authenticated, then the ACLs should be such that the
> authenticated principal has write permissions, while everyone else has
> read-only permissions.
> Whether or not the read permissions should be more restrictive is yet to be
> determined; Other projects in the ecosystem seem to allow everyone read
> access to their respective ZooKeeper content.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
