>>>>>java.io.IOException: No JAAS configuration section named 'Server'
I could see you have enabled client-server authentication as well. It looks to me that the error is coming from that. Please share the complete error logs to trace it. Have you configured "*Server*" section along with the "*QuorumServer*" and " *QuorumClient*" sections? If not, please configure "*Server*" section along with others and try it out. Reference: https://cwiki.apache.org/confluence/display/ZOOKEEPER/Client-Server+mutual+authentication [image: image.png] Thanks, Rakesh On Tue, Feb 11, 2020 at 7:26 AM Sebastian Schmitz < sebastian.schm...@propellerhead.co.nz> wrote: > Hello, > > I'm currently looking into enabling the Auth between Zookeeper-Servers > and found this documentation: > > > https://cwiki.apache.org/confluence/display/ZOOKEEPER/Server-Server+mutual+authentication > > However, when I use the config from the document (for Digest-MD5) I get > this exception in Zookeeper 3.4.14 and also 3.5.6, which I tried because > I thought using latest version could help: > java.io.IOException: No JAAS configuration section named 'Server' was > found in '/opt/zookeeper-cluster/zookeeper/conf/jaas.conf > > And of course that's right, because there's only QuorumServer and > QuorumClient in the jaas.conf: > > jaas.conf: > QuorumServer { > org.apache.zookeeper.server.auth.DigestLoginModule required > user_zookeeper="test"; > }; > > QuorumClient { > org.apache.zookeeper.server.auth.DigestLoginModule required > username="zookeeper" > password="test"; > }; > > I also tried renaming the QuorumServer to just "Server". No change. > > My zoo.cfg: > tickTime=2000 > initLimit=10 > syncLimit=5 > dataDir=/mnt/zk_data > clientPort=2181 > dataLogDir=/mnt/zk_data_log > autopurge.snapRetainCount=3 > autopurge.purgeInterval=24 > quorum.auth.enableSasl=true > quorum.auth.learnerRequireSasl=false > quorum.auth.serverRequireSasl=false > quorum.auth.learner.loginContext=QuorumLearner > quorum.auth.server.loginContext=QuorumServer > quorum.cnxn.threads.size=20 > authProvider.1=org.apache.zookeeper.server.auth.SASLAuthenticationProvider > secureClientPort=2281 > server.1=0.0.0.0:2888:3888 > > Any idea what I could try? Or maybe there's some better document on how > to achieve this? > > Thank you > > Sebastian > > > -- > DISCLAIMER > This email contains information that is confidential and which > may be > legally privileged. If you have received this email in error please > > notify the sender immediately and delete the email. > This email is intended > solely for the use of the intended recipient and you may not use or > disclose this email in any way. >
