prashanth reddy created ZOOKEEPER-4336:
------------------------------------------

             Summary: Able to authentication to zookeeper with user not 
configured in zookeeper-jaas.conf
                 Key: ZOOKEEPER-4336
                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-4336
             Project: ZooKeeper
          Issue Type: Bug
          Components: security
    Affects Versions: 3.7.0
         Environment: *Zookeeper log:*


Jul 14 07:03:41 vm-523 zookeeper[90699]: 2021-07-14 07:03:41,161 - INFO 
[nioEventLoopGroup-4-1:X509AuthenticationProvider@166] - Authenticated Id 
'1.2.840.113549.1.9.1=#161370726173686b726540696e2e69626d2e636f6d,CN=vm-523,OU=PVC,O=IBM,L=BLR,ST=KAR,C=IN'
 for Scheme 'x509'
Jul 14 07:03:41 vm-523 zookeeper[90699]: 2021-07-14 07:03:41,168 - INFO 
[SyncThread:0:FileTxnLog@284] - Creating new log file: log.8c
Jul 14 07:03:41 vm-523 zookeeper[90699]: 2021-07-14 07:03:41,187 - INFO 
[nioEventLoopGroup-4-1:ZooKeeperServer@1623] - got auth packet 
/xx.xx.xx.xx:56798
Jul 14 07:03:41 vm-523 zookeeper[90699]: 2021-07-14 07:03:41,189 - INFO 
[nioEventLoopGroup-4-1:ZooKeeperServer@1642] - Session 0x1006ae09b290000: auth 
success for scheme digest and address /xx.xx.xx.xx:56798
            Reporter: prashanth reddy
         Attachments: zoo.cfg, zookeeper-jass.conf, zookeeper.service.txt

Hi Team,

I have configured DigestAuthenticationProvider as zookeeper auth provider in my 
environment to let only users configured in zookeeper-jass.conf to authenticate 
with zookeeper, but when I try to authenticate with a user not in 
zookeeper-jass.conf , it is able to authenticate successfully.

 

Could someone please suggest?



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Reply via email to