You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jira@kafka.apache.org by "kaushik srinivas (Jira)" <ji...@apache.org> on 2020/04/29 05:33:00 UTC
[jira] [Created] (KAFKA-9933) Need doc update on the AclAuthorizer
when SASL_SSL is the protocol used.
kaushik srinivas created KAFKA-9933:
---------------------------------------
Summary: Need doc update on the AclAuthorizer when SASL_SSL is the protocol used.
Key: KAFKA-9933
URL: https://issues.apache.org/jira/browse/KAFKA-9933
Project: Kafka
Issue Type: Improvement
Components: security
Affects Versions: 2.4.1
Reporter: kaushik srinivas
Hello,
Document on the usage of the authorizer does not speak about the principal being used when the protocol for the listener is chosen as SASL + SSL (SASL_SSL).
Suppose kerberos and ssl is enabled together, will the authorization be based on the kerberos principal names or on the ssl certificate DN names ?
There is no document covering this part of the use case.
This needs information and documentation update.
Thanks,
Kaushik.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)