[ZOOKEEPER-2569] plain password is stored when set individual ACL using digest scheme - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Open
Priority: Major
Resolution: Unresolved
Affects Version/s: 3.5.1
Fix Version/s: None
Component/s: security
Labels:
None

Description

Plain password is stored when set individual ACL using digest scheme instead of storing the username and encoded hash string of <username:password>

[zk: localhost:2181(CONNECTED) 13] addauth digest user:pass
[zk: localhost:2181(CONNECTED) 14] setAcl /newNode digest:user:pass:crdwa
[zk: localhost:2181(CONNECTED) 15] getAcl /newNode
'digest,'user:pass
: cdrwa
[zk: localhost:2181(CONNECTED) 16]

Attachments

Activity

People

Assignee:: Rakesh Kumar Singh

Reporter:: Rakesh Kumar Singh

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 08/Sep/16 13:58

Updated:: 23/Sep/16 05:05