prashanth reddy created ZOOKEEPER-4336:
------------------------------------------
Summary: Able to authentication to zookeeper with user not
configured in zookeeper-jaas.conf
Key: ZOOKEEPER-4336
URL: https://issues.apache.org/jira/browse/ZOOKEEPER-4336
Project: ZooKeeper
Issue Type: Bug
Components: security
Affects Versions: 3.7.0
Environment: *Zookeeper log:*
Jul 14 07:03:41 vm-523 zookeeper[90699]: 2021-07-14 07:03:41,161 - INFO
[nioEventLoopGroup-4-1:X509AuthenticationProvider@166] - Authenticated Id
'1.2.840.113549.1.9.1=#161370726173686b726540696e2e69626d2e636f6d,CN=vm-523,OU=PVC,O=IBM,L=BLR,ST=KAR,C=IN'
for Scheme 'x509'
Jul 14 07:03:41 vm-523 zookeeper[90699]: 2021-07-14 07:03:41,168 - INFO
[SyncThread:0:FileTxnLog@284] - Creating new log file: log.8c
Jul 14 07:03:41 vm-523 zookeeper[90699]: 2021-07-14 07:03:41,187 - INFO
[nioEventLoopGroup-4-1:ZooKeeperServer@1623] - got auth packet
/xx.xx.xx.xx:56798
Jul 14 07:03:41 vm-523 zookeeper[90699]: 2021-07-14 07:03:41,189 - INFO
[nioEventLoopGroup-4-1:ZooKeeperServer@1642] - Session 0x1006ae09b290000: auth
success for scheme digest and address /xx.xx.xx.xx:56798
Reporter: prashanth reddy
Attachments: zoo.cfg, zookeeper-jass.conf, zookeeper.service.txt
Hi Team,
I have configured DigestAuthenticationProvider as zookeeper auth provider in my
environment to let only users configured in zookeeper-jass.conf to authenticate
with zookeeper, but when I try to authenticate with a user not in
zookeeper-jass.conf , it is able to authenticate successfully.
Could someone please suggest?
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
