You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@pulsar.apache.org by GitBox <gi...@apache.org> on 2019/03/12 01:34:09 UTC

[GitHub] [pulsar] merlimat commented on issue #3763: Pulsar Function Authorization

merlimat commented on issue #3763: Pulsar Function Authorization
URL: https://github.com/apache/pulsar/issues/3763#issuecomment-471811405
 
 
   > so far we are able to keep function metadata separate from broker's cluster metadata by storing them into function itself. So, can't we do the same for function auth data?
   
   The important part here is to have consistent way to declare and enforce authorization across topics and functions.
   
   The authorization is already abstracted and pluggable through the `AuthorizationProvider`. This is to add the "function operations" action as one of the possible actions one can do in the system (other than "produce" and "consume"). 
   
   Where the authorization is stored depends on the authz plugin and by default will be on configuration store (global zk). There isn't any change in the volume of data or frequency of updates.

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services