You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@pulsar.apache.org by Jia Zhai <zh...@apache.org> on 2019/02/23 13:32:28 UTC
[DISCUSS] PIP 30: change authentication provider API to support
mutual authentication
Hi all,
Pulsar has a pluggable authentication mechanism
<http://pulsar.apache.org/docs/en/security-extending/#authentication> that
currently supports several auth providers.
But currently all the provided authentication are a kind of “single-step"
authentication. And under current api it is not able to support mutual
authentication between client and server, such as SASL
<https://en.wikipedia.org/wiki/Simple_Authentication_and_Security_Layer>.
So I am creating a PIP that try to discuss the interface changes to
support mutual authentication.
Here is the link for PIP-30:
https://github.com/apache/pulsar/wiki/PIP-30:-change-authentication-provider-API-to-support-mutual-authentication
And here is a PR for better discuss it:
https://github.com/apache/pulsar/pull/3677
Thanks a lot.
-Jia
Re: [DISCUSS] PIP 30: change authentication provider API to support
mutual authentication
Posted by Jia Zhai <zh...@gmail.com>.
Thanks Sijie and Enrico for the comments in the PR. Is there any comments
for this change?
Best Regards.
Jia Zhai
Beijing, China
Mobile: +86 15810491983
On Sat, Feb 23, 2019 at 9:32 PM Jia Zhai <zh...@apache.org> wrote:
> Hi all,
>
> Pulsar has a pluggable authentication mechanism
> <http://pulsar.apache.org/docs/en/security-extending/#authentication> that
> currently supports several auth providers.
>
> But currently all the provided authentication are a kind of “single-step"
> authentication. And under current api it is not able to support mutual
> authentication between client and server, such as SASL
> <https://en.wikipedia.org/wiki/Simple_Authentication_and_Security_Layer>.
> So I am creating a PIP that try to discuss the interface changes to
> support mutual authentication.
>
> Here is the link for PIP-30:
>
>
> https://github.com/apache/pulsar/wiki/PIP-30:-change-authentication-provider-API-to-support-mutual-authentication
>
> And here is a PR for better discuss it:
>
> https://github.com/apache/pulsar/pull/3677
>
>
> Thanks a lot.
>
> -Jia
>