You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@pulsar.apache.org by Jia Zhai <zh...@apache.org> on 2019/02/23 13:32:28 UTC

[DISCUSS] PIP 30: change authentication provider API to support mutual authentication

Hi all,

Pulsar has a pluggable authentication mechanism
<http://pulsar.apache.org/docs/en/security-extending/#authentication> that
currently supports several auth providers.

But currently all the provided authentication are a kind of “single-step"
authentication. And under current api it is not able to support mutual
authentication between client and server,  such as SASL
<https://en.wikipedia.org/wiki/Simple_Authentication_and_Security_Layer>.
So I am creating a  PIP that try to discuss the interface changes to
support mutual authentication.

Here is the link for PIP-30:

https://github.com/apache/pulsar/wiki/PIP-30:-change-authentication-provider-API-to-support-mutual-authentication

And here is a PR for better discuss it:

https://github.com/apache/pulsar/pull/3677


Thanks a lot.

-Jia

Re: [DISCUSS] PIP 30: change authentication provider API to support mutual authentication

Posted by Jia Zhai <zh...@gmail.com>.

Thanks Sijie and Enrico for the comments in the PR. Is there any comments
for this change?


Best Regards.


Jia Zhai

Beijing, China

Mobile: +86 15810491983




On Sat, Feb 23, 2019 at 9:32 PM Jia Zhai <zh...@apache.org> wrote:

> Hi all,
>
> Pulsar has a pluggable authentication mechanism
> <http://pulsar.apache.org/docs/en/security-extending/#authentication> that
> currently supports several auth providers.
>
> But currently all the provided authentication are a kind of “single-step"
> authentication. And under current api it is not able to support mutual
> authentication between client and server,  such as SASL
> <https://en.wikipedia.org/wiki/Simple_Authentication_and_Security_Layer>.
> So I am creating a  PIP that try to discuss the interface changes to
> support mutual authentication.
>
> Here is the link for PIP-30:
>
>
> https://github.com/apache/pulsar/wiki/PIP-30:-change-authentication-provider-API-to-support-mutual-authentication
>
> And here is a PR for better discuss it:
>
> https://github.com/apache/pulsar/pull/3677
>
>
> Thanks a lot.
>
> -Jia
>