Home | About | Sematext search-lucene.com search-hadoop.com
 Search Hadoop and all its subprojects:

Switch to Threaded View
Zookeeper >> mail # dev >> is superDigest really just base64 and SHA1 ?


Copy link to this message
-
is superDigest really just base64 and SHA1 ?

Hi,

According to src/java/main/org/apache/zookeeper/server/auth/DigestAuthenticationProvider.java line 34 (3.4.3 release tag) :

    /** specify a command line property with key of
     * "zookeeper.DigestAuthenticationProvider.superDigest"
     * and value of "super:<base64encoded(SHA1(password))>" to enable
     * super user access (i.e. acls disabled)
     */

However, there seems to be a difference between the output from zookeeper's own method, and more generic tools :

$ java -cp $CLASSPATH  org.apache.zookeeper.server.auth.DigestAuthenticationProvider super:test
super:test->super:D/InIHSb7yEEbrWz8b9l71RjZJU
$ echo "test" | sha1sum | base64
NGUxMjQzYmQyMmM2NmU3NmMyYmE5ZWRkYzFmOTEzOTRlNTdmOWY4MyAgLQo[ahorn@huginn zk]$

Am I missing something here ? Just wondered if more needed to be added to that explanatory comment. Salt perhaps?

Cheers,

Al