You are viewing a plain text version of this content. The canonical link for it is here.

Posted to jira@kafka.apache.org by "kaushik srinivas (Jira)" <ji...@apache.org> on 2020/04/29 05:33:00 UTC

[jira] [Created] (KAFKA-9933) Need doc update on the AclAuthorizer when SASL_SSL is the protocol used.

kaushik srinivas created KAFKA-9933:
---------------------------------------

             Summary: Need doc update on the AclAuthorizer when SASL_SSL is the protocol used.
                 Key: KAFKA-9933
                 URL: https://issues.apache.org/jira/browse/KAFKA-9933
             Project: Kafka
          Issue Type: Improvement
          Components: security
    Affects Versions: 2.4.1
            Reporter: kaushik srinivas


Hello,

Document on the usage of the authorizer does not speak about the principal being used when the protocol for the listener is chosen as SASL + SSL (SASL_SSL).

Suppose kerberos and ssl is enabled together, will the authorization be based on the kerberos principal names or on the ssl certificate DN names ?

There is no document covering this part of the use case.

This needs information and documentation update.

Thanks,

Kaushik.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)