You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@kafka.apache.org by ju...@apache.org on 2015/11/14 02:43:04 UTC
kafka git commit: trivial 0.9.0 doc changes to AclCommand
Repository: kafka
Updated Branches:
refs/heads/trunk 8e6bae21c -> 599a31c24
trivial 0.9.0 doc changes to AclCommand
Project: http://git-wip-us.apache.org/repos/asf/kafka/repo
Commit: http://git-wip-us.apache.org/repos/asf/kafka/commit/599a31c2
Tree: http://git-wip-us.apache.org/repos/asf/kafka/tree/599a31c2
Diff: http://git-wip-us.apache.org/repos/asf/kafka/diff/599a31c2
Branch: refs/heads/trunk
Commit: 599a31c245618651c7973d040de793376f43bd95
Parents: 8e6bae2
Author: Jun Rao <ju...@gmail.com>
Authored: Fri Nov 13 17:42:50 2015 -0800
Committer: Jun Rao <ju...@gmail.com>
Committed: Fri Nov 13 17:42:50 2015 -0800
----------------------------------------------------------------------
docs/security.html | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/kafka/blob/599a31c2/docs/security.html
----------------------------------------------------------------------
diff --git a/docs/security.html b/docs/security.html
index 25f15a0..57fe874 100644
--- a/docs/security.html
+++ b/docs/security.html
@@ -264,7 +264,7 @@ Apache Kafka allows clients to connect over SSL. By default SSL is disabled but
Kafka ships with a pluggable Authorizer and an out-of-box authorizer implementation that uses zookeeper to store all the acls. Kafka acls are defined in the general format of "Principal P is [Allowed/Denied] Operation O From Host H On Resource R". You can read more about the acl structure on KIP-11. In order to add, remove or list acls you can use the Kafka authorizer CLI. By default, if a Resource R has no associated acls, no one other than super users is allowed to access R. If you want change that behavior, you can include the following in broker.properties.
<pre>allow.everyone.if.no.acl.found=true</pre>
One can also add super users in broker.properties like the following.
-<pre>super.users=User:Bob,User:Alice</pre>
+<pre>super.users=User:Bob;User:Alice</pre>
<h4>Command Line Interface</h4>
Kafka Authorization management CLI can be found under bin directory with all the other CLIs. The CLI script is called <b>kafka-acls.sh</b>. Following lists all the options that the script supports:
<p></p>
@@ -301,7 +301,7 @@ Kafka Authorization management CLI can be found under bin directory with all the
</tr>
<tr>
<td>--authorizer-properties</td>
- <td>comma separated key=val pairs that will be passed to authorizer for initialization.</td>
+ <td>key=val pairs that will be passed to authorizer for initialization. For the default authorizer the example values are: zookeeper.connect=localhost:2181</td>
<td></td>
<td>Configuration</td>
</tr>