You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pulsar.apache.org by GitBox <gi...@apache.org> on 2020/05/19 18:47:37 UTC
[GitHub] [pulsar] jaschnell opened a new issue #6994: TLS Authorization
jaschnell opened a new issue #6994:
URL: https://github.com/apache/pulsar/issues/6994
**Describe the bug**
TLS Authorization is ignored on topics
**To Reproduce**
Steps to reproduce the behavior:
1. Create a consumer cert and a producer cert
2. Create a topic where consumer cert can consume and producer cert can produce
3. Produce a message and consumer it using the proper certs
4. Produce a message using the consumer cert
5. ERROR - the message is produced into the topic
**Expected behavior**
The producer should not be allowed to be created on the topic because the cert is not authorized
**Screenshots**
<img width="619" alt="topic-permissions" src="https://user-images.githubusercontent.com/65622166/82366036-8ec12200-99df-11ea-8ec1-c84a3682aeee.png">
<img width="811" alt="java-code" src="https://user-images.githubusercontent.com/65622166/82366052-94b70300-99df-11ea-9125-cd00fec0b8e1.png">
** Version **
2.5.0
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [pulsar] jaschnell commented on issue #6994: TLS Authorization
Posted by GitBox <gi...@apache.org>.
jaschnell commented on issue #6994:
URL: https://github.com/apache/pulsar/issues/6994#issuecomment-631198108
Do you want the broker config file? Or something else? The use case is that we only want certain applications to produce messages on certain topics and not be allowed to consume messages.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [pulsar] jaschnell commented on issue #6994: TLS Authorization
Posted by GitBox <gi...@apache.org>.
jaschnell commented on issue #6994:
URL: https://github.com/apache/pulsar/issues/6994#issuecomment-631240594
You can close it. I had the **authorization** set to false in the broker setup. Sorry about that. I had a feeling it was too basic of issue to be real.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [pulsar] jiazhai commented on issue #6994: TLS Authorization
Posted by GitBox <gi...@apache.org>.
jiazhai commented on issue #6994:
URL: https://github.com/apache/pulsar/issues/6994#issuecomment-631214736
right, the broker and client config that related to TLS.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [pulsar] jiazhai commented on issue #6994: TLS Authorization
Posted by GitBox <gi...@apache.org>.
jiazhai commented on issue #6994:
URL: https://github.com/apache/pulsar/issues/6994#issuecomment-631190421
@jaschnell Would you please help provide a detailed config for your usecase? TLS authorization should be work after enabled TLS authentication.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org