Home | About | Sematext search-lucene.com search-hadoop.com
NEW: Monitor These Apps!
elasticsearch, apache solr, apache hbase, hadoop, redis, casssandra, amazon cloudwatch, mysql, memcached, apache kafka, apache zookeeper, apache storm, ubuntu, centOS, red hat, debian, puppet labs, java, senseiDB
 Search Hadoop and all its subprojects:

Switch to Plain View
Zookeeper >> mail # dev >> is superDigest really just base64 and SHA1 ?


Copy link to this message
-
is superDigest really just base64 and SHA1 ?

Hi,

According to src/java/main/org/apache/zookeeper/server/auth/DigestAuthenticationProvider.java line 34 (3.4.3 release tag) :

    /** specify a command line property with key of
     * "zookeeper.DigestAuthenticationProvider.superDigest"
     * and value of "super:<base64encoded(SHA1(password))>" to enable
     * super user access (i.e. acls disabled)
     */

However, there seems to be a difference between the output from zookeeper's own method, and more generic tools :

$ java -cp $CLASSPATH  org.apache.zookeeper.server.auth.DigestAuthenticationProvider super:test
super:test->super:D/InIHSb7yEEbrWz8b9l71RjZJU
$ echo "test" | sha1sum | base64
NGUxMjQzYmQyMmM2NmU3NmMyYmE5ZWRkYzFmOTEzOTRlNTdmOWY4MyAgLQo[ahorn@huginn zk]$

Am I missing something here ? Just wondered if more needed to be added to that explanatory comment. Salt perhaps?

Cheers,

Al
NEW: Monitor These Apps!
elasticsearch, apache solr, apache hbase, hadoop, redis, casssandra, amazon cloudwatch, mysql, memcached, apache kafka, apache zookeeper, apache storm, ubuntu, centOS, red hat, debian, puppet labs, java, senseiDB