Phil Zampino created KNOX-1129:
----------------------------------
Summary: Remote Configuration Monitor Should Define The Entries It
Monitors If They're Not Yet Defined
Key: KNOX-1129
URL: https://issues.apache.org/jira/browse/KNOX-1129
Project: Apache Knox
Issue Type: Bug
Components: Server
Affects Versions: 0.14.0
Reporter: Phil Zampino
Assignee: Phil Zampino
Fix For: 0.15.0
Currently, if the remote configuration monitor finds that the
/knox/config/shared-providers and/or /knox/config/descriptors entries (e.g.,
znodes) are not present (or are otherwise inaccessible), it determines that it
cannot function, and it ceases any attempt at monitoring.
For those cases where the entries do not yet exist, the monitor can define
them. If the client employed by the monitor does not require authentication,
then the new entries will be created without any meaningful ACLs applied. If
the client has been authenticated, then the ACLs should be such that the
authenticated principal has write permissions, while everyone else has
read-only permissions.
Whether or not the read permissions should be more restrictive is yet to be
determined; Other projects in the ecosystem seem to allow everyone read access
to their respective ZooKeeper content.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
