Home | About | Sematext search-lucene.com search-hadoop.com
 Search Hadoop and all its subprojects:

Switch to Threaded View
Zookeeper, mail # user - ACL Usage with SASL Difference between Curator and ZK Client
Harihara Vinayakaram
2013-01-05, 03:26
Copy link to this message
-
ACL Usage with SASL Difference between Curator and ZK Client
Harihara Vinayakaram 2013-01-01, 05:36
Hi
   I am new to ZooKeeper . I am using ZK 3.4.5 with JDK 1.7 . I have the ZK
Server up and running using SASL

   I am using the following client to connect to the server . When I use
the Curator framework I am able to
     *curator.create().withMode(CreateMode.PERSISTENT).withACL(Ids.CREATOR_ALL_ACL).forPath(path)
;*
*
*
But I use the Ids.CREATOR_ALL_ACL with the zk client I get an error in the
ZooKeeper Server logs that says InvalidACL

*2013-01-01 10:28:20,581 [myid:] - INFO  [ProcessThread(sid:0
cport:-1)::PrepRequestProcessor@627] - Got user-level KeeperException when
processing sessionid:0x13bf3f761ca0008 type:create cxid:0x3 zxid:0x1a
txntype:-1 reqpath:n/a Error Path:*
*/newmadhav Error:KeeperErrorCode = InvalidACL for /newmadhav*
*
*
It works if I set the ACL to Ids.OPEN_ACL_UNSAFE

Attaching the program to simulate the condition .  Let me know if I am
missing something

import com.netflix.curator.framework.CuratorFramework;
import com.netflix.curator.framework.CuratorFrameworkFactory;
import com.netflix.curator.retry.RetryOneTime;
import org.apache.zookeeper.CreateMode;
import org.apache.zookeeper.WatchedEvent;
import org.apache.zookeeper.Watcher;
import org.apache.zookeeper.ZooDefs.Ids;
import org.apache.zookeeper.ZooKeeper;
import org.apache.zookeeper.client.ZooKeeperSaslClient;
import org.apache.zookeeper.data.ACL;
import org.apache.zookeeper.data.Id;

import java.util.ArrayList;
import java.util.List;
import java.util.concurrent.CountDownLatch;

/*
 * Persistent znode demo
 */
public class PersistentDemo {

  public static void main(String[] args) throws Exception {
    final CuratorFramework curator;
System.setProperty("zookeeper.authProvider.1","org.apache.zookeeper.server.auth.SASLAuthenticationProvider");

System.setProperty("java.security.auth.login.config","/home/hvram/projects/zookeeper-3.4.5/conf/jaas.conf");
    System.setProperty(ZooKeeperSaslClient.LOGIN_CONTEXT_NAME_KEY,
"Client");
    //int port = Integer.parseInt(args[0]);
    int port = 2181;
    String zkConnect = "localhost:" + port;
    String path = "/newmadhav";

    System.err.println("Connecting to: " + zkConnect);
    curator = CuratorFrameworkFactory.newClient(zkConnect, 10000, 2000, new
RetryOneTime(2000));
    curator.start();

    if (curator.checkExists().forPath(path) !=null ) {
        System.err.println( path + " exists, deleting it first");
        curator.delete().forPath(path);
    }

curator.create().withMode(CreateMode.PERSISTENT).withACL(Ids.CREATOR_ALL_ACL).forPath(path)
;
    System.err.println("Created " + path + " . Sleeping for 10 seconds");

    Thread.sleep(10000);
    System.err.println("Closing " + zkConnect);
    curator.close();

    System.err.println("Connecting to: " + zkConnect);
    ZooKeeper zk = new ZooKeeper(zkConnect, 20000, null);
    if (zk.exists(path,true) != null) {
        System.err.println( path + " exists, deleting it first");
        zk.delete(path, -1);
        zk.exists(path, true); // Reset the watch
    }
    zk.create(path, "I am a node".getBytes(), Ids.OPEN_ACL_UNSAFE,
CreateMode.PERSISTENT);
    System.err.println("Created " + path + " . Sleeping for 10 seconds");
    Thread.sleep(10000);
    zk.close();

  }
}