We want to secure BookKeeper clusters, so at least we have to cover this main issues:

SSL/TLS support for encrypting comunications and/or to implement client authentication
Use ACLs while writing to ZooKeeper
Provide an extensible Authentication framework (in BookKeeper 4.4.0 there is already partial support for this)
- Provide a out-of-the box plugin which implements standard SASL authentication, with at least support for GSSAPI/Kerberos and DIGEST-MD5 mechs
Provide initial support for Authorization
SSL/TLS support for encrypting comunications and/or to implement client authentication

Proposals

Major concers are about protocol compatibility, data encryption, configuration on Bookie side and client-side, rolling upgrades and ZooKeeper security.

...

Child pages

Versions Compared

Old Version 6

New Version 7

Key

Proposals

Child pages

Page History

Versions Compared

Old Version 6

New Version 7

Key

Proposals