prashanth reddy created ZOOKEEPER-4336:
------------------------------------------

             Summary: Able to authentication to zookeeper with user not configured in zookeeper-jaas.conf
                 Key: ZOOKEEPER-4336
                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-4336
             Project: ZooKeeper
          Issue Type: Bug
          Components: security
    Affects Versions: 3.7.0
         Environment: *Zookeeper log:*

Jul 14 07:03:41 vm-523 zookeeper[90699]: 2021-07-14 07:03:41,161 - INFO [nioEventLoopGroup-4-1:X509AuthenticationProvider@166] - Authenticated Id '1.2.840.113549.1.9.1=#161370726173686b726540696e2e69626d2e636f6d,CN=vm-523,OU=PVC,O=IBM,L=BLR,ST=KAR,C=IN' for Scheme 'x509'
Jul 14 07:03:41 vm-523 zookeeper[90699]: 2021-07-14 07:03:41,168 - INFO [SyncThread:0:FileTxnLog@284] - Creating new log file: log.8c
Jul 14 07:03:41 vm-523 zookeeper[90699]: 2021-07-14 07:03:41,187 - INFO [nioEventLoopGroup-4-1:ZooKeeperServer@1623] - got auth packet /xx.xx.xx.xx:56798
Jul 14 07:03:41 vm-523 zookeeper[90699]: 2021-07-14 07:03:41,189 - INFO [nioEventLoopGroup-4-1:ZooKeeperServer@1642] - Session 0x1006ae09b290000: auth success for scheme digest and address /xx.xx.xx.xx:56798

            Reporter: prashanth reddy
         Attachments: zoo.cfg, zookeeper-jass.conf, zookeeper.service.txt

Hi Team,

I have configured DigestAuthenticationProvider as the ZooKeeper auth provider in my environment to let only users configured in zookeeper-jass.conf authenticate with ZooKeeper, but when I try to authenticate with a user not in zookeeper-jass.conf, it is able to authenticate successfully.

Could someone please suggest?

--
This message was sent by Atlassian Jira
(v8.3.4#803005)
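
Added example (not part of the original report and not ZooKeeper code): a Python parser for the authentication messages quoted in the Environment field, for auditing which sessions and client addresses completed x509 or digest authentication. The function names are hypothetical, and the sample lines are constructed from the excerpt above with a placeholder address (192.0.2.10) and a shortened certificate subject.

```python
import re
from collections import Counter

# Constructed sample lines in the format of the log excerpt in the report;
# the client address 192.0.2.10 and the certificate subject are placeholders.
SAMPLE_LOG = """\
Jul 14 07:03:41 vm-523 zookeeper[90699]: 2021-07-14 07:03:41,161 - INFO [nioEventLoopGroup-4-1:X509AuthenticationProvider@166] - Authenticated Id 'CN=vm-523,OU=PVC' for Scheme 'x509'
Jul 14 07:03:41 vm-523 zookeeper[90699]: 2021-07-14 07:03:41,168 - INFO [SyncThread:0:FileTxnLog@284] - Creating new log file: log.8c
Jul 14 07:03:41 vm-523 zookeeper[90699]: 2021-07-14 07:03:41,187 - INFO [nioEventLoopGroup-4-1:ZooKeeperServer@1623] - got auth packet /192.0.2.10:56798
Jul 14 07:03:41 vm-523 zookeeper[90699]: 2021-07-14 07:03:41,189 - INFO [nioEventLoopGroup-4-1:ZooKeeperServer@1642] - Session 0x1006ae09b290000: auth success for scheme digest and address /192.0.2.10:56798
"""

# After the syslog prefix: "<timestamp> - <LEVEL> [<thread>:<Class>@<line>] - <message>"
RECORD = re.compile(r"(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2},\d{3}) - (?P<level>\w+)\s+"
                    r"\[(?P<thread>[^\]]+):(?P<cls>\w+)@\d+\] - (?P<msg>.*)$")
X509_ID = re.compile(r"Authenticated Id '(?P<id>.*)' for Scheme '(?P<scheme>[^']+)'")
AUTH_OK = re.compile(r"Session (?P<session>0x[0-9a-f]+): auth success for scheme "
                     r"(?P<scheme>\S+) and address /(?P<addr>[^\s:]+):(?P<port>\d+)")


def auth_events(log_text):
    """Return one dict per authentication event found in the log text."""
    events = []
    for line in log_text.splitlines():
        rec = RECORD.search(line)
        if not rec:
            continue  # not a ZooKeeper record, e.g. a continuation line
        m = AUTH_OK.search(rec["msg"]) or X509_ID.search(rec["msg"])
        if m:
            events.append({"time": rec["ts"], "source": rec["cls"], **m.groupdict()})
    return events


def digest_auth_by_address(events):
    """Count 'auth success' events for scheme digest per client address.

    The quoted success line carries no user name, so session id and
    address are the only fields available to correlate on.
    """
    return Counter(e["addr"] for e in events
                   if e["scheme"] == "digest" and "addr" in e)


if __name__ == "__main__":
    for event in auth_events(SAMPLE_LOG):
        print(event)
    print(dict(digest_auth_by_address(auth_events(SAMPLE_LOG))))
```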