Home | About | Sematext search-lucene.com search-hadoop.com
NEW: Monitor These Apps!
elasticsearch, apache solr, apache hbase, hadoop, redis, casssandra, amazon cloudwatch, mysql, memcached, apache kafka, apache zookeeper, apache storm, ubuntu, centOS, red hat, debian, puppet labs, java, senseiDB
 Search Hadoop and all its subprojects:

Switch to Plain View
Zookeeper >> mail # user >> ACL Usage with SASL Difference between Curator and ZK Client


Copy link to this message
-
ACL Usage with SASL Difference between Curator and ZK Client
Hi
   I am new to ZooKeeper . I am using ZK 3.4.5 with JDK 1.7 . I have the ZK
Server up and running using SASL

   I am using the following client to connect to the server . When I use
the Curator framework I am able to
     *curator.create().withMode(CreateMode.PERSISTENT).withACL(Ids.CREATOR_ALL_ACL).forPath(path)
;*
*
*
But I use the Ids.CREATOR_ALL_ACL with the zk client I get an error in the
ZooKeeper Server logs that says InvalidACL

*2013-01-01 10:28:20,581 [myid:] - INFO  [ProcessThread(sid:0
cport:-1)::PrepRequestProcessor@627] - Got user-level KeeperException when
processing sessionid:0x13bf3f761ca0008 type:create cxid:0x3 zxid:0x1a
txntype:-1 reqpath:n/a Error Path:*
*/newmadhav Error:KeeperErrorCode = InvalidACL for /newmadhav*
*
*
It works if I set the ACL to Ids.OPEN_ACL_UNSAFE

Attaching the program to simulate the condition .  Let me know if I am
missing something

import com.netflix.curator.framework.CuratorFramework;
import com.netflix.curator.framework.CuratorFrameworkFactory;
import com.netflix.curator.retry.RetryOneTime;
import org.apache.zookeeper.CreateMode;
import org.apache.zookeeper.WatchedEvent;
import org.apache.zookeeper.Watcher;
import org.apache.zookeeper.ZooDefs.Ids;
import org.apache.zookeeper.ZooKeeper;
import org.apache.zookeeper.client.ZooKeeperSaslClient;
import org.apache.zookeeper.data.ACL;
import org.apache.zookeeper.data.Id;

import java.util.ArrayList;
import java.util.List;
import java.util.concurrent.CountDownLatch;

/*
 * Persistent znode demo
 */
public class PersistentDemo {

  public static void main(String[] args) throws Exception {
    final CuratorFramework curator;
System.setProperty("zookeeper.authProvider.1","org.apache.zookeeper.server.auth.SASLAuthenticationProvider");

System.setProperty("java.security.auth.login.config","/home/hvram/projects/zookeeper-3.4.5/conf/jaas.conf");
    System.setProperty(ZooKeeperSaslClient.LOGIN_CONTEXT_NAME_KEY,
"Client");
    //int port = Integer.parseInt(args[0]);
    int port = 2181;
    String zkConnect = "localhost:" + port;
    String path = "/newmadhav";

    System.err.println("Connecting to: " + zkConnect);
    curator = CuratorFrameworkFactory.newClient(zkConnect, 10000, 2000, new
RetryOneTime(2000));
    curator.start();

    if (curator.checkExists().forPath(path) !=null ) {
        System.err.println( path + " exists, deleting it first");
        curator.delete().forPath(path);
    }

curator.create().withMode(CreateMode.PERSISTENT).withACL(Ids.CREATOR_ALL_ACL).forPath(path)
;
    System.err.println("Created " + path + " . Sleeping for 10 seconds");

    Thread.sleep(10000);
    System.err.println("Closing " + zkConnect);
    curator.close();

    System.err.println("Connecting to: " + zkConnect);
    ZooKeeper zk = new ZooKeeper(zkConnect, 20000, null);
    if (zk.exists(path,true) != null) {
        System.err.println( path + " exists, deleting it first");
        zk.delete(path, -1);
        zk.exists(path, true); // Reset the watch
    }
    zk.create(path, "I am a node".getBytes(), Ids.OPEN_ACL_UNSAFE,
CreateMode.PERSISTENT);
    System.err.println("Created " + path + " . Sleeping for 10 seconds");
    Thread.sleep(10000);
    zk.close();

  }
}
+
Harihara Vinayakaram 2013-01-05, 03:26
NEW: Monitor These Apps!
elasticsearch, apache solr, apache hbase, hadoop, redis, casssandra, amazon cloudwatch, mysql, memcached, apache kafka, apache zookeeper, apache storm, ubuntu, centOS, red hat, debian, puppet labs, java, senseiDB