-is superDigest really just base64 and SHA1 ?
Alan Horn 2012-08-27, 21:23
According to src/java/main/org/apache/zookeeper/server/auth/DigestAuthenticationProvider.java line 34 (3.4.3 release tag) :
/** specify a command line property with key of
* and value of "super:<base64encoded(SHA1(password))>" to enable
* super user access (i.e. acls disabled)
However, there seems to be a difference between the output from zookeeper's own method, and more generic tools :
$ java -cp $CLASSPATH org.apache.zookeeper.server.auth.DigestAuthenticationProvider super:test
$ echo "test" | sha1sum | base64
Am I missing something here ? Just wondered if more needed to be added to that explanatory comment. Salt perhaps?