Posted to dev@kafka.apache.org by "Gwen Shapira (JIRA)" <ji...@apache.org> on 2015/09/25 04:27:04 UTC

[jira] [Resolved] (KAFKA-2579) Unauthorized clients should not be able to join groups

     [ https://issues.apache.org/jira/browse/KAFKA-2579?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Gwen Shapira resolved KAFKA-2579.
---------------------------------
       Resolution: Fixed
    Fix Version/s: 0.9.0.0

Issue resolved by pull request 240
[https://github.com/apache/kafka/pull/240]

> Unauthorized clients should not be able to join groups 
> -------------------------------------------------------
>
>                 Key: KAFKA-2579
>                 URL: https://issues.apache.org/jira/browse/KAFKA-2579
>             Project: Kafka
>          Issue Type: Sub-task
>          Components: security
>    Affects Versions: 0.9.0.0
>            Reporter: Jason Gustafson
>            Assignee: Jason Gustafson
>             Fix For: 0.9.0.0
>
>
> The JoinGroup authorization is only checked in the response callback which is invoked after the request has been forwarded to the ConsumerCoordinator and the client has joined the group. This allows unauthorized members to impact the rest of the group since the coordinator will assign partitions to them. It would be better to check permission and return immediately if the client is unauthorized.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
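
The ordering problem described in the issue, as an added Java model; it is not Kafka's broker code and not taken from pull request 240. The Coordinator class, the ACL set, the client ids, the partition count and the OK/DENIED strings are all constructed for illustration.

```java
import java.util.*;
import java.util.function.Consumer;

// Simplified model of the check ordering in KAFKA-2579; every name is hypothetical.
public class JoinGroupAuthOrdering {
    // Stand-in for the group coordinator: a join adds the member and rebalances.
    static class Coordinator {
        final List<String> members = new ArrayList<>();
        final Map<String, List<Integer>> assignment = new TreeMap<>();
        void join(String clientId, Consumer<String> responseCallback) {
            members.add(clientId);
            rebalance(4); // constructed: one topic with 4 partitions
            responseCallback.accept(clientId);
        }
        void rebalance(int partitions) {
            assignment.clear();
            for (int p = 0; p < partitions; p++)
                assignment.computeIfAbsent(members.get(p % members.size()),
                        k -> new ArrayList<>()).add(p);
        }
    }

    static final Set<String> AUTHORIZED = Set.of("authorized-client"); // constructed ACL

    // Before: the check runs only in the response callback, after join()
    // has already changed group state and assigned partitions.
    static String joinCheckedInCallback(Coordinator c, String clientId) {
        String[] result = new String[1];
        c.join(clientId, id -> result[0] = AUTHORIZED.contains(id) ? "OK" : "DENIED");
        return result[0];
    }

    // After: check permission first and return immediately if unauthorized.
    static String joinCheckedFirst(Coordinator c, String clientId) {
        if (!AUTHORIZED.contains(clientId)) return "DENIED";
        String[] result = new String[1];
        c.join(clientId, id -> result[0] = "OK");
        return result[0];
    }

    public static void main(String[] args) {
        Coordinator before = new Coordinator(), after = new Coordinator();
        for (String id : List.of("authorized-client", "unauthorized-client")) {
            System.out.println("callback check: " + id + " -> " + joinCheckedInCallback(before, id));
            System.out.println("early check:    " + id + " -> " + joinCheckedFirst(after, id));
        }
        System.out.println("callback check assignment: " + before.assignment);
        System.out.println("early check assignment:    " + after.assignment);
    }
}
```

Both variants return DENIED to the unauthorized client, so the response alone does not reveal the difference; the assignment maps do, because only the callback variant leaves that client holding partitions.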