[
https://issues.apache.org/jira/browse/ZOOKEEPER-2793?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16274757#comment-16274757
]
Patrick Hunt commented on ZOOKEEPER-2793:
-----------------------------------------
> Does this make sense to you?
Yes, I believe that addresses the concern. Like I said, I don't like it that
much, but it seems like an extreme situation. Might be worth thinking about
more to ensure we don't miss anything.
One other thing is that we should ensure the documentation reflects this issue.
Operations details plus how to handle this particular situation.
> [QP MutualAuth]: Implement a mechanism to build "authzHosts" for dynamic
> reconfig servers
> -----------------------------------------------------------------------------------------
>
> Key: ZOOKEEPER-2793
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2793
> Project: ZooKeeper
> Issue Type: Sub-task
> Components: quorum, security
> Reporter: Rakesh R
> Assignee: Rakesh R
> Fix For: 3.5.4, 3.6.0
>
>
> {{QuorumServer}} will do the authorization checks against configured
> authorized hosts. During LE, QuorumLearner will send an authentication packet
> to QuorumServer. Now, QuorumServer will check that the connecting
> QuorumLearner’s hostname exists in the authorized hosts. If not exists then
> connecting peer is not authorized to join this ensemble and the request will
> be rejected immediately.
> In {{branch-3.4}} building {{authzHosts}} list is pretty straight forward,
> can use the ensemble server details in zoo.cfg file. But with dynamic
> reconfig, it has to consider the dynamic add/remove/update servers and need
> to discuss the ways to handle dynamic cases.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
