You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@kafka.apache.org by "Jun Rao (JIRA)" <ji...@apache.org> on 2015/06/30 00:31:04 UTC

[jira] [Updated] (KAFKA-1688) Add authorization interface and naive implementation

     [ https://issues.apache.org/jira/browse/KAFKA-1688?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Jun Rao updated KAFKA-1688:
---------------------------
    Status: Open  (was: Patch Available)

This is now going to be handled in KAFKA-2210, KAFKA-2211, and KAFKA-2212. 

> Add authorization interface and naive implementation
> ----------------------------------------------------
>
>                 Key: KAFKA-1688
>                 URL: https://issues.apache.org/jira/browse/KAFKA-1688
>             Project: Kafka
>          Issue Type: Sub-task
>          Components: security
>            Reporter: Jay Kreps
>            Assignee: Parth Brahmbhatt
>             Fix For: 0.8.3
>
>         Attachments: KAFKA-1688.patch, KAFKA-1688_2015-04-10_11:08:39.patch
>
>
> Add a PermissionManager interface as described here:
> https://cwiki.apache.org/confluence/display/KAFKA/Security
> (possibly there is a better name?)
> Implement calls to the PermissionsManager in KafkaApis for the main requests (FetchRequest, ProduceRequest, etc). We will need to add a new error code and exception to the protocol to indicate "permission denied".
> Add a server configuration to give the class you want to instantiate that implements that interface. That class can define its own configuration properties from the main config file.
> Provide a simple implementation of this interface which just takes a user and ip whitelist and permits those in either of the whitelists to do anything, and denies all others.
> Rather than writing an integration test for this class we can probably just use this class for the TLS and SASL authentication testing.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)