Home | About | Sematext search-lucene.com search-hadoop.com
 Search Hadoop and all its subprojects:

Switch to Threaded View
Zookeeper >> mail # user >> Ip ACL


Hi Janet,

I'm guessing the client IP address the server sees is 127.0.0.1 (which
is probably different from the ip address you specify in addAuthInfo)
if the client and the server are running on a same host. You can try
passing 127.0.0.1 to addAuthInfo and see if it works.

--Michi

On Wed, May 29, 2013 at 1:09 PM, Proctor, Janet [USA]
<[EMAIL PROTECTED]> wrote:
> Hello,
>
>
>
> I am trying to use ACLs to lock down znodes to a specific Ip Address. I am getting a NoAuth error when I try create the sturcture /testkeystore/certs/somecert.pem.  I create the node /testkeystore with an ACL of cdrwa with no problem. When I try to attach certs to /testkeystore (/testkeystore/certs), I get an the NoAuth error on the create method below.  I had to type this code in email, beacuse it lives a different network. Please excuse mistabbling. It should compile. I've tried to account for all of the braces. Also, please forgive the catch all exceptions, I'm just trying to get things to work.
>
>
>
>
>
> My code is as follows:
>
>
>
> DataStore mystore = new DataStore();
>
> mystore.connect();
>
> mystore.create("testkeystore", null);
>
> mystore.copyFolder(new File("home/hadoop/testkeystore/certs"), "/testkeystore/certs");
>
> mystore.close();
>
>
>
>
>
> public class DataStore implements Watcher {
>
>
>
> private ZooKeeper zk;
>
> List <ACL> aclLst = new ArrayList<ACL> (1);
>
>
>
> public void connect throws IOException, InterruptedException {
>
>
>
> zk = new Zookeeper("localhost", SESSION_TIMEOUT, this);
>
> zk.addAuthInfo("ip", "#.#.#.#) //the #s are the ip address of the server that i'm running zookeeper on and executing this code on
>
> aclLst.add(new ACL(Perms.ALL, new Id("ip", "#.#.#.#")));
>
> connectedSignal.await()
>
>
>
> }
>
>
>
> public void create(String path, byte [] fileBytes) throws KeeperException, InterruptedException, Exception
>
> {
>
> Stat stat = zk.exists(path, false);
>
>
>
>     if(stat == null){
>
>         zk.create(path, fileBytes, aclLst, CreateMode.PERSISTENT);
>
>     }
>
>
>
>     else
>
>     {
>
>         zk.setData(path, fileBytes, -1);
>
>     }
>
> }
>
>
>
>
>
> public void copyFolder(File srcFolder, String dst) throws Exception
>
> {
>
>     String dstFolder = dst;
>
>
>
>
>
>         if(srcFolder.isDirectory())
>
>         {
>
>             Stat stat = zk.exists(dst, false);
>
>
>
>         if(stat == null){
>
>             zk.create(dst, new byte[0], aclLst, CreateMode.PERSISTENT);
>
>         }
>
>         String files [] = srcFolder.list();
>
>         for(String file:files)
>
>         {
>
>             File srcFile = new File(srcFolder, file);
>
>             dstFolder = dst + "/" + file;
>
>
>
>         //recursive copy
>
>         copyFolder(srcFile, dstFolder);
>
>         }
>
>
>
>     }
>
>     else
>
>     {
>
>
>
>         copyFromLocal(srcFolder.getPath, dstFolder);
>
>     }
>
>
>
> }
>
>
>
> public void copyFromLocal(String src, String dst) throws Exception
>
> {
>
> File srcFile = new File (src);
>
> file byte [] fileBytes;
>
>
>
> InputStream in = null;
>
>
>
>     try{
>
>
>
>          in = new FileInputStream(srcFile);
>
>          fileBytes = readFully(in)_;
>
>         create(dst, fileBytes);
>
>         }
>
>
>
>     finally {
>
>     if(in != null)
>
>         try {
>
>         in.close();
>
>         }
>
>
>
>         catch(Exception ignore) {
>
>         }
>
>     }
>
>
>
> }
>
>
>
> private static byte [] readFully(final InputStream in ) throws IOException {
>
>
>
> final ByteArrayOutputStream buf1 = new ByteArrayOutputStream();
>
> final byte [] buf2 = new byte[8*1024];
>
> for(int read; (read = in.read(buf2)) >0;){
>
>     buf1.write(buf2, 0, read);
>
>     }
>
> return buf1.toByteArray();
>
> }
>
>
>
> }
>
>
>
>
>
>
>
> Janet Proctor, PMP
> Booz Allen Hamilton
> 301-617-2565 (Booz Allen)
> 410-854-3559(Client Site)