Uploaded image for project: 'ZooKeeper'
  1. ZooKeeper
  2. ZOOKEEPER-2451

do not make use of system properties for security configuration

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Duplicate
    • None
    • None
    • None
    • None

    Description

      Is there (or could there be) a way to set up security for ZK client that doesn't involve calls like 

      System.setProperty(ZooKeeperSaslClient.LOGIN_CONTEXT_NAME_KEY, SASL_LOGIN_CONTEXT_NAME);

      ?
      I was looking at an unrelated security configuration issue and stumbled upon this pattern; we use (at least) 2 ZK connections from the same process, that (for now) use the same config but different context names, one of which is in a library out of our control. Unless I'm missing something with this pattern it seems extremely brittle. Or unless there's an alternative approach already; if there is, hadoop-common and hive don't use it atm, old approach seems prevalent.

      There should be an approach that is at least slightly more solid, like say public globals... maybe even threadlocals!

      Attachments

        Issue Links

          duplicates

          Improvement - An improvement or enhancement to an existing feature or task. ZOOKEEPER-2139 Support multiple ZooKeeper client, with different configurations, in a single JVM

          • Blocker - Blocks development and/or testing work, production could not run
          • Closed

          Activity

            People

              Unassigned Unassigned
              sershe Sergey Shelukhin
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: