[
https://issues.apache.org/jira/browse/ZOOKEEPER-2858?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Andor Molnar reassigned ZOOKEEPER-2858:
---------------------------------------
Assignee: Andor Molnar
> Disable reverse DNS lookup for SASL java client
> -----------------------------------------------
>
> Key: ZOOKEEPER-2858
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2858
> Project: ZooKeeper
> Issue Type: New Feature
> Components: java client
> Affects Versions: 3.4.6
> Reporter: Andrey
> Assignee: Andor Molnar
> Priority: Major
> Labels: pull-request-available
> Fix For: 3.10.0
>
> Time Spent: 1h 40m
> Remaining Estimate: 0h
>
> I have the following setup:
> - zookeeper server running in docker container
> - kerberos auth
> When client setup sasl connection it creates service principal name as:
> - "principalUserName+"/"+addr.getHostName()",
> where:
> - addr.getHostName is the reverse DNS of original server host.
> If zookeeper nodes will be deployed behind the firewall or software defined
> network (the docker case), then reverse DNS host won't match original server
> host. And this is done by design.
> If these hosts won't match, then principals won't match and Kerberos auth
> will fail.
> Is it possible to introduce some configuration parameter to disable reverse
> DNS lookups?
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
