[
https://issues.apache.org/jira/browse/KNOX-1129?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16277632#comment-16277632
]
ASF subversion and git services commented on KNOX-1129:
-------------------------------------------------------
Commit 6b678deacc735f61c4f57bec8bb2b73b9ab82c08 in knox's branch
refs/heads/v0.14.0 from [~lmccay]
[ https://git-wip-us.apache.org/repos/asf?p=knox.git;h=6b678de ]
KNOX-1129 - Remote Configuration Monitor Should Define The Entries It Monitors
If They're Not Yet Defined (Phil Zampino via lmccay)
> Remote Configuration Monitor Should Define The Entries It Monitors If They're
> Not Yet Defined
> ---------------------------------------------------------------------------------------------
>
> Key: KNOX-1129
> URL: https://issues.apache.org/jira/browse/KNOX-1129
> Project: Apache Knox
> Issue Type: Bug
> Components: Server
> Affects Versions: 0.14.0
> Reporter: Phil Zampino
> Assignee: Phil Zampino
> Labels: kip-8
> Fix For: 0.14.0
>
> Attachments: KNOX-1129-001.patch, KNOX-1129-002.patch, KNOX-1129.patch
>
>
> Currently, if the remote configuration monitor finds that the
> /knox/config/shared-providers and/or /knox/config/descriptors entries (e.g.,
> znodes) are not present (or are otherwise inaccessible), it determines that
> it cannot function, and it ceases any attempt at monitoring.
> For those cases where the entries do not yet exist, the monitor can define
> them. If the client employed by the monitor does not require authentication,
> then the new entries will be created without any meaningful ACLs applied. If
> the client has been authenticated, then the ACLs should be such that the
> authenticated principal has write permissions, while everyone else has
> read-only permissions.
> Whether or not the read permissions should be more restrictive is yet to be
> determined; Other projects in the ecosystem seem to allow everyone read
> access to their respective ZooKeeper content.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
