digest ACL znodes always return ZNOAUTH (zkCLi and perl)

Mon, 23 Jan 2012 01:00:37 -0800 

Hello,
I'm just getting started with ZooKeeper and am having very little luck with digest ACLs. 


I couldn't figure out the syntax for creating digest acls from zkCli 
(create nor setAcl), but I did manage to set ACLs on nodes using the 
perl bindings.


However, I cannot read the node back.


"addauth digest user:pass" in zkCLI is accepted, but the subsequent get 
results in a KeeperException$NoAuthException.



From the perl binding (Net::ZooKeeper 0.35), get always returns -102 
(ZNOAUTH).


I'm running zookeeper 3.3.4.

-----

$ ./acltest1.pl
add_auth ok
created path /acl0000000028 with acl
node /acl0000000028 get error: -102
node /acl0000000028 has stat info:
  czxid: 230
  mzxid: 230
  ctime: 1327308018904
  mtime: 1327308018904
  version: 0
  children_version: 0
  acl_version: 0
  ephemeral_owner: 0
  data_len: 5
  num_children: 0
  children_zxid: 230
node /acl0000000028 has ACL entry:
  perms:  31
  scheme: digest
  id:     user:smGaoVKd/cQkjm7b88GyorAUz20=


#!/usr/bin/perl

use Net::ZooKeeper qw(:all);
use Digest qw();
use MIME::Base64 qw();

#Net::ZooKeeper::set_log_level(ZOO_LOG_LEVEL_DEBUG);

$z=Net::ZooKeeper->new("localhost:2181");

$z->exists("/"); # force connection

$ret = $z->add_auth("digest", "user:pass");
if($ret == ZOK ) {
        print "add_auth ok\n";
} else {
        print "add_auth returned: $ret\n";
}

my $ctx = Digest->new('SHA-1')->add("user:pass");
my $digest = MIME::Base64::encode($ctx->digest());

$acl=[{"perms"=>ZOO_PERM_ALL,"scheme"=>"digest",id=>"user:$digest"}];

if($path = $z->create("/acl","value", "flags"=>ZOO_SEQUENCE, acl=>$acl)) {
        print "created path $path with acl\n";
} else {
        print "create error code: ",$z->get_error,"\n";
}

nodeinfo($path);

sub nodeinfo {
        my $path = shift;

        if($value  = $z->get($path)) {
                print "node $path get value: ",$value,"\n";
        } else {
                print "node $path get error: ",$z->get_error,"\n";
        }

        my $stat = $z->stat();

        if ($z->exists($path, 'stat' => $stat)) {
                print "node $path has stat info:\n";
                while (my($key,$value) = each(%{$stat})) {
                        print "  $key: $value\n";
                }
        }

        foreach my $acl_entry ($z->get_acl($path)) {
                print "node $path has ACL entry:\n";
                print "  perms:  $acl_entry->{perms}\n";
                print "  scheme: $acl_entry->{scheme}\n";
                print "  id:     $acl_entry->{id}\n";
        }
}


Script started on Mon Jan 23 00:48:58 2012
bin/zkCli.sh
realpath: : No such file or directory
Connecting to localhost:2181
2012-01-23 00:48:58,860 - INFO  [main:Environment@97] - Client 
environment:zookeeper.version=3.3.3-1203054, built on 11/17/2011 05:47 GMT
2012-01-23 00:48:58,863 - INFO  [main:Environment@97] - Client 
environment:host.name=sal.work.net
2012-01-23 00:48:58,863 - INFO  [main:Environment@97] - Client 
environment:java.version=1.6.0_07
2012-01-23 00:48:58,864 - INFO  [main:Environment@97] - Client 
environment:java.vendor=The FreeBSD Foundation
2012-01-23 00:48:58,864 - INFO  [main:Environment@97] - Client 
environment:java.home=/stor/usr/local/diablo-jdk1.6.0/jre
2012-01-23 00:48:58,868 - INFO  [main:Environment@97] - Client 
environment:java.class.path=/stor/usr/home/ludwigp/work/zookeeper/bin/../build/classes:/stor/usr/home/ludwigp/work/zookeeper/bin/../build/lib/*.jar:/stor/usr/home/ludwigp/work/zookeeper/bin/../zookeeper-3.3.4.jar:/stor/usr/home/ludwigp/work/zookeeper/bin/../lib/log4j-1.2.15.jar:/stor/usr/home/ludwigp/work/zookeeper/bin/../lib/jline-0.9.94.jar:/stor/usr/home/ludwigp/work/zookeeper/bin/../lib/commons-lang-2.4.jar:/stor/usr/home/ludwigp/work/zookeeper/bin/../lib/commons-collections-3.2.jar:/stor/usr/home/ludwigp/work/zookeeper/bin/../lib/commons-cli-1.1.jar:/stor/usr/home/ludwigp/work/zookeeper/bin/../lib/apache-rat-tasks-0.6.jar:/stor/usr/home/ludwigp/work/zookeeper/bin/../lib/apache-rat-core-0.6.jar:/stor/usr/home/ludwigp/work/zookeeper/bin/../src/java/lib/*.jar:/stor/usr/home/ludwigp/work/zookeeper/bin/../conf:
2012-01-23 00:48:58,869 - INFO  [main:Environment@97] - Client 
environment:java.library.path=/stor/usr/local/diablo-jdk1.6.0/jre/lib/amd64/server:/stor/usr/local/diablo-jdk1.6.0/jre/lib/amd64:/stor/usr/local/diablo-jdk1.6.0/jre/../lib/amd64:/usr/java/packages/lib/amd64:/lib:/usr/lib:/usr/local/lib
2012-01-23 00:48:58,869 - INFO  [main:Environment@97] - Client 
environment:java.io.tmpdir=/var/tmp/
2012-01-23 00:48:58,870 - INFO  [main:Environment@97] - Client 
environment:java.compiler=<NA>
2012-01-23 00:48:58,870 - INFO  [main:Environment@97] - Client 
environment:os.name=FreeBSD
2012-01-23 00:48:58,871 - INFO  [main:Environment@97] - Client 
environment:os.arch=amd64
2012-01-23 00:48:58,871 - INFO  [main:Environment@97] - Client 
environment:os.version=8.2-STABLE
2012-01-23 00:48:58,871 - INFO  [main:Environment@97] - Client 
environment:user.name=ludwigp
2012-01-23 00:48:58,872 - INFO  [main:Environment@97] - Client 
environment:user.home=/home/ludwigp
2012-01-23 00:48:58,872 - INFO  [main:Environment@97] - Client 
environment:user.dir=/stor/usr/home/ludwigp/work/zookeeper
2012-01-23 00:48:58,874 - INFO  [main:ZooKeeper@379] - Initiating client 
connection, connectString=localhost:2181 sessionTimeout=30000 
watcher=org.apache.zookeeper.ZooKeeperMain$MyWatcher@46ae506e
2012-01-23 00:48:58,893 - INFO  [main-SendThread():ClientCnxn$SendThread@1061] 
- Opening socket connection to server localhost/127.0.0.1:2181
Welcome to ZooKeeper!
JLine support is enabled
2012-01-23 00:48:58,918 - INFO  
[main-SendThread(localhost:2181):ClientCnxn$SendThread@950] - Socket connection 
established to localhost/127.0.0.1:2181, initiating session
[zk: localhost:2181(CONNECTING) 0] 2012-01-23 00:48:58,955 - INFO  
[main-SendThread(localhost:2181):ClientCnxn$SendThread@739] - Session 
establishment complete on server localhost/127.0.0.1:2181, sessionid = 
0x13503ff39120058, negotiated timeout = 30000

WATCHER::

WatchedEvent state:SyncConnected type:None path:null

[zk: localhost:2181(CONNECTED) 0] addauth digest user:pass
[zk: localhost:2181(CONNECTED) 1] get /acl0000000028
Exception in thread "main" 
org.apache.zookeeper.KeeperException$NoAuthException: KeeperErrorCode = NoAuth 
for /acl0000000028
        at org.apache.zookeeper.KeeperException.create(KeeperException.java:104)
        at org.apache.zookeeper.KeeperException.create(KeeperException.java:42)
        at org.apache.zookeeper.ZooKeeper.getData(ZooKeeper.java:927)
        at org.apache.zookeeper.ZooKeeper.getData(ZooKeeper.java:956)
        at 
org.apache.zookeeper.ZooKeeperMain.processZKCmd(ZooKeeperMain.java:694)
        at org.apache.zookeeper.ZooKeeperMain.processCmd(ZooKeeperMain.java:581)
        at 
org.apache.zookeeper.ZooKeeperMain.executeLine(ZooKeeperMain.java:353)
        at org.apache.zookeeper.ZooKeeperMain.run(ZooKeeperMain.java:311)
        at org.apache.zookeeper.ZooKeeperMain.main(ZooKeeperMain.java:270)

Script done on Mon Jan 23 00:49:17 2012






















					Reply via email to