[ https://issues.apache.org/jira/browse/ZOOKEEPER-1373?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13193520#comment-13193520 ]
jirapos...@reviews.apache.org commented on ZOOKEEPER-1373: ---------------------------------------------------------- bq. On 2012-01-25 19:23:47, Ted Yu wrote: bq. > Thanks Ted, fixed these. - Eugene ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/3631/#review4597 ----------------------------------------------------------- On 2012-01-26 00:30:39, Eugene Koontz wrote: bq. bq. ----------------------------------------------------------- bq. This is an automatically generated e-mail. To reply, visit: bq. https://reviews.apache.org/r/3631/ bq. ----------------------------------------------------------- bq. bq. (Updated 2012-01-26 00:30:39) bq. bq. bq. Review request for zookeeper. bq. bq. bq. Summary bq. ------- bq. bq. ZOOKEEPER-1373: Hardcoded SASL login context name clashes with Hadoop security configuration override bq. bq. Fix is to allow system property to designate the JAAS configuration section that the zookeeper client will use. bq. bq. bq. This addresses bug ZOOKEEPER-1373. bq. https://issues.apache.org/jira/browse/ZOOKEEPER-1373 bq. bq. bq. Diffs bq. ----- bq. bq. src/java/test/org/apache/zookeeper/test/SaslAuthFailDesignatedClientTest.java PRE-CREATION bq. src/java/test/org/apache/zookeeper/test/SaslAuthMissingClientConfigTest.java PRE-CREATION bq. src/java/test/org/apache/zookeeper/test/SaslAuthDesignatedClientTest.java PRE-CREATION bq. src/java/main/org/apache/zookeeper/Login.java 6d2a38c bq. src/java/main/org/apache/zookeeper/client/ZooKeeperSaslClient.java 722538e bq. conf/zoo_sample.cfg aafb324 bq. src/java/main/org/apache/zookeeper/ClientCnxn.java 6c25e40 bq. bq. Diff: https://reviews.apache.org/r/3631/diff bq. bq. bq. Testing bq. ------- bq. bq. "ant test" java tests pass. bq. bq. bq. Thanks, bq. bq. Eugene bq. bq. > Hardcoded SASL login context name clashes with Hadoop security configuration > override > ------------------------------------------------------------------------------------- > > Key: ZOOKEEPER-1373 > URL: https://issues.apache.org/jira/browse/ZOOKEEPER-1373 > Project: ZooKeeper > Issue Type: Bug > Components: java client > Affects Versions: 3.4.2 > Reporter: Thomas Weise > Assignee: Eugene Koontz > Fix For: 3.4.3, 3.5.0 > > Attachments: ZOOKEEPER-1373-TW_3_4.patch, ZOOKEEPER-1373.patch, > ZOOKEEPER-1373.patch, ZOOKEEPER-1373.patch > > > I'm trying to configure a process with Hadoop security (Hive metastore > server) to talk to ZooKeeper 3.4.2 with Kerberos authentication. In this > scenario Hadoop controls the SASL configuration > (org.apache.hadoop.security.UserGroupInformation.HadoopConfiguration), > instead of setting up the ZooKeeper "Client" loginContext via jaas.conf and > system property > {{-Djava.security.auth.login.config}} > Using the Hadoop configuration would work, except that ZooKeeper client code > expects the loginContextName to be "Client" while Hadoop security will use > "hadoop-keytab-kerberos". I verified that by changing the name in the > debugger the SASL authentication succeeds while otherwise the login > configuration cannot be resolved and the connection to ZooKeeper is > unauthenticated. > To integrate with Hadoop, the following in ZooKeeperSaslClient would need to > change to make the name configurable: > {{login = new Login("Client",new ClientCallbackHandler(null));}} -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira