You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pulsar.apache.org by GitBox <gi...@apache.org> on 2020/07/16 18:42:43 UTC
[GitHub] [pulsar] cckellogg opened a new issue #7563: 2.6 AuthorizationProvider breaks compatibly with earlier versions
cckellogg opened a new issue #7563:
URL: https://github.com/apache/pulsar/issues/7563
**Describe the bug**
The 2.6 AuthorizationProvider breaks compatibility and behavior with custom Authorization plugins written against versions lower than 2.6.
**Expected behavior**
For example:
The Authorization for most of the Namespace operations called this method in AuthorizationProvider ```isTenantAdmin```
Now the Authorization for the Namespace operations call ends up calling this method ```allowNamespaceOperationAsync``` and the default implementation is:
```
return FutureUtil.failedFuture(
new IllegalStateException("NamespaceOperation is not supported by the Authorization provider you are using."));
```
This completely breaks any custom authorization plugin written against 2.5 if a user upgrades to version 2.6. When upgrading to 2.6 there should be no change in behavior for any custom authorization plugin written against an earlier version.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [pulsar] cckellogg commented on issue #7563: 2.6 AuthorizationProvider breaks compatibly with earlier versions
Posted by GitBox <gi...@apache.org>.
cckellogg commented on issue #7563:
URL: https://github.com/apache/pulsar/issues/7563#issuecomment-659827828
@sijie I'm not sure if the builtin AuthorizationProvider is broken in 2.6 I have not done much testing with that one. Custom AuthorizationProviders built against version less than 2.6 are broken when running with version 2.6.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [pulsar] sijie commented on issue #7563: 2.6 AuthorizationProvider breaks compatibly with earlier versions
Posted by GitBox <gi...@apache.org>.
sijie commented on issue #7563:
URL: https://github.com/apache/pulsar/issues/7563#issuecomment-659831829
@cckellogg I chatted with @srkukarni. I think the default implementation was pushed down the zk implementation. We can put some of the implementations at the interface level.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [pulsar] sijie commented on issue #7563: 2.6 AuthorizationProvider breaks compatibly with earlier versions
Posted by GitBox <gi...@apache.org>.
sijie commented on issue #7563:
URL: https://github.com/apache/pulsar/issues/7563#issuecomment-659742552
@cckellogg just to clarify this question first - does this change break the existing authorization implementation (model)? This would help me understand the severity of this issue.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org