You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@pulsar.apache.org by GitBox <gi...@apache.org> on 2022/04/18 09:32:29 UTC

[GitHub] [pulsar] liangyepianzhou opened a new pull request, #15201: [Improve][doc] add broker config for Oauth2

liangyepianzhou opened a new pull request, #15201:
URL: https://github.com/apache/pulsar/pull/15201

   ### Motivation & Modification
   add configuration to configure brokers to authenticate clients
   
   ### Verifying this change
   
   - [ ] Make sure that the change passes the CI checks.
   
   *(Please pick either of the following options)*
   
   This change is a trivial rework / code cleanup without any test coverage.
   
   *(or)*
   
   This change is already covered by existing tests, such as *(please describe tests)*.
   
   *(or)*
   
   This change added tests and can be verified as follows:
   
   *(example:)*
     - *Added integration tests for end-to-end deployment with large payloads (10MB)*
     - *Extended integration test for recovery after broker failure*
   
   ### Does this pull request potentially affect one of the following parts:
   
   *If `yes` was chosen, please highlight the changes*
   
     - Dependencies (does it add or upgrade a dependency): (yes / no)
     - The public API: (yes / no)
     - The schema: (yes / no / don't know)
     - The default values of configurations: (yes / no)
     - The wire protocol: (yes / no)
     - The rest endpoints: (yes / no)
     - The admin cli options: (yes / no)
     - Anything that affects deployment: (yes / no / don't know)
   
   ### Documentation
   
   Check the box below or label this PR directly.
   
   Need to update docs? 
   
   - [ ] `doc-required` 
   (Your PR needs to update docs and you will update later)
     
   - [ ] `no-need-doc` 
   (Please explain why)
     
   - [x] `doc` 
   (Your PR contains doc changes)
   
   - [ ] `doc-added`
   (Docs have been already added)


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [pulsar] nodece commented on a diff in pull request #15201: [Improve][doc] add broker config for Oauth2

Posted by GitBox <gi...@apache.org>.

nodece commented on code in PR #15201:
URL: https://github.com/apache/pulsar/pull/15201#discussion_r852244819


##########
site2/docs/security-oauth2.md:
##########
@@ -195,6 +195,21 @@ This example shows how to configure OAuth2 authentication in Node.js client.
 ```
 > Note: The support for OAuth2 authentication is only available in Node.js client 1.6.2 and later versions.
 
+## Broker configuration
+To configure brokers to authenticate clients, add the following parameters to broker.conf or standalone.conf:
+```properties
+# Configuration to enable authentication and authorization

Review Comment:
   ```suggestion
   # Configuration to enable authentication
   ```



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [pulsar] Anonymitaet commented on pull request #15201: [Improve][doc] add broker config for Oauth2

Posted by GitBox <gi...@apache.org>.

Anonymitaet commented on PR #15201:
URL: https://github.com/apache/pulsar/pull/15201#issuecomment-1101935425

   @momo-jun could you please help review this PR? Thanks


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [pulsar] nodece commented on a diff in pull request #15201: [Improve][doc] add broker config for Oauth2

Posted by GitBox <gi...@apache.org>.

nodece commented on code in PR #15201:
URL: https://github.com/apache/pulsar/pull/15201#discussion_r852131618


##########
site2/docs/security-oauth2.md:
##########
@@ -195,6 +195,22 @@ This example shows how to configure OAuth2 authentication in Node.js client.
 ```
 > Note: The support for OAuth2 authentication is only available in Node.js client 1.6.2 and later versions.
 
+## Broker configuration
+To configure brokers to authenticate clients, add the following parameters to broker.conf or standalone.conf:
+```properties
+# Configuration to enable authentication and authorization
+authenticationEnabled=true
+authorizationEnabled=true

Review Comment:
   I think we should remove the `authorizationEnabled=true`.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [pulsar] nodece commented on a diff in pull request #15201: [Improve][doc] add broker config for Oauth2

Posted by GitBox <gi...@apache.org>.

nodece commented on code in PR #15201:
URL: https://github.com/apache/pulsar/pull/15201#discussion_r852244014


##########
site2/docs/security-oauth2.md:
##########
@@ -195,6 +195,22 @@ This example shows how to configure OAuth2 authentication in Node.js client.
 ```
 > Note: The support for OAuth2 authentication is only available in Node.js client 1.6.2 and later versions.
 
+## Broker configuration
+To configure brokers to authenticate clients, add the following parameters to broker.conf or standalone.conf:
+```properties
+# Configuration to enable authentication and authorization
+authenticationEnabled=true
+authorizationEnabled=true

Review Comment:
   You should remove any authorization config like `superUserRoles`, and update the description about authentication.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [pulsar] nodece commented on a diff in pull request #15201: [Improve][doc] add broker config for Oauth2

Posted by GitBox <gi...@apache.org>.

nodece commented on code in PR #15201:
URL: https://github.com/apache/pulsar/pull/15201#discussion_r852242688


##########
site2/docs/security-oauth2.md:
##########
@@ -195,6 +195,21 @@ This example shows how to configure OAuth2 authentication in Node.js client.
 ```
 > Note: The support for OAuth2 authentication is only available in Node.js client 1.6.2 and later versions.
 
+## Broker configuration
+To configure brokers to authenticate clients, add the following parameters to broker.conf or standalone.conf:
+```properties
+# Configuration to enable authentication and authorization
+authenticationEnabled=true
+authenticationProviders=org.apache.pulsar.broker.authentication.AuthenticationProviderToken
+tokenPublicKey=/path/to/publicKey
+superUserRoles=[my-super-user-1,my-super-user-2]

Review Comment:
   This also should be removed, it is authorization config.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [pulsar] nodece commented on a diff in pull request #15201: [Improve][doc] add broker config for Oauth2

Posted by GitBox <gi...@apache.org>.

nodece commented on code in PR #15201:
URL: https://github.com/apache/pulsar/pull/15201#discussion_r852244014


##########
site2/docs/security-oauth2.md:
##########
@@ -195,6 +195,22 @@ This example shows how to configure OAuth2 authentication in Node.js client.
 ```
 > Note: The support for OAuth2 authentication is only available in Node.js client 1.6.2 and later versions.
 
+## Broker configuration
+To configure brokers to authenticate clients, add the following parameters to broker.conf or standalone.conf:
+```properties
+# Configuration to enable authentication and authorization
+authenticationEnabled=true
+authorizationEnabled=true

Review Comment:
   Sorry, I didn't tell you should remove any authorization config like `superUserRoles`, and update the description about authentication.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [pulsar] momo-jun commented on a diff in pull request #15201: [Improve][doc] add broker config for Oauth2

Posted by GitBox <gi...@apache.org>.

momo-jun commented on code in PR #15201:
URL: https://github.com/apache/pulsar/pull/15201#discussion_r853055837


##########
site2/docs/security-oauth2.md:
##########
@@ -195,6 +195,20 @@ This example shows how to configure OAuth2 authentication in Node.js client.
 ```
 > Note: The support for OAuth2 authentication is only available in Node.js client 1.6.2 and later versions.
 
+## Broker configuration
+To enable OAuth2 brokers authentication in brokers, add the following parameters to the `broker.conf` or `standalone.conf` file.

Review Comment:
   `brokers` can be removed between `OAuth2` and `authentication`?



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [pulsar] nodece commented on a diff in pull request #15201: [Improve][doc] add broker config for Oauth2

Posted by GitBox <gi...@apache.org>.

nodece commented on code in PR #15201:
URL: https://github.com/apache/pulsar/pull/15201#discussion_r852131618


##########
site2/docs/security-oauth2.md:
##########
@@ -195,6 +195,22 @@ This example shows how to configure OAuth2 authentication in Node.js client.
 ```
 > Note: The support for OAuth2 authentication is only available in Node.js client 1.6.2 and later versions.
 
+## Broker configuration
+To configure brokers to authenticate clients, add the following parameters to broker.conf or standalone.conf:
+```properties
+# Configuration to enable authentication and authorization
+authenticationEnabled=true
+authorizationEnabled=true

Review Comment:
   I think should be `authorizationEnabled=true` removed.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [pulsar] liangyepianzhou commented on a diff in pull request #15201: [Improve][doc] add broker config for Oauth2

Posted by GitBox <gi...@apache.org>.

liangyepianzhou commented on code in PR #15201:
URL: https://github.com/apache/pulsar/pull/15201#discussion_r853130486


##########
site2/docs/security-oauth2.md:
##########
@@ -195,6 +195,20 @@ This example shows how to configure OAuth2 authentication in Node.js client.
 ```
 > Note: The support for OAuth2 authentication is only available in Node.js client 1.6.2 and later versions.
 
+## Broker configuration
+To enable OAuth2 brokers authentication in brokers, add the following parameters to the `broker.conf` or `standalone.conf` file.

Review Comment:
   yes, I think so, and this is a suggestion given by your. 
   My fault!  I did not review it carefully.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [pulsar] liangyepianzhou commented on a diff in pull request #15201: [Improve][doc] add broker config for Oauth2

Posted by GitBox <gi...@apache.org>.

liangyepianzhou commented on code in PR #15201:
URL: https://github.com/apache/pulsar/pull/15201#discussion_r853130486


##########
site2/docs/security-oauth2.md:
##########
@@ -195,6 +195,20 @@ This example shows how to configure OAuth2 authentication in Node.js client.
 ```
 > Note: The support for OAuth2 authentication is only available in Node.js client 1.6.2 and later versions.
 
+## Broker configuration
+To enable OAuth2 brokers authentication in brokers, add the following parameters to the `broker.conf` or `standalone.conf` file.

Review Comment:
   yes, I think so, and this is a suggestion given by you. 
   My fault!  I did not review it carefully.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [pulsar] nodece commented on a diff in pull request #15201: [Improve][doc] add broker config for Oauth2

Posted by GitBox <gi...@apache.org>.

nodece commented on code in PR #15201:
URL: https://github.com/apache/pulsar/pull/15201#discussion_r852242120


##########
site2/docs/security-oauth2.md:
##########
@@ -195,6 +195,21 @@ This example shows how to configure OAuth2 authentication in Node.js client.
 ```
 > Note: The support for OAuth2 authentication is only available in Node.js client 1.6.2 and later versions.
 
+## Broker configuration
+To configure brokers to authenticate clients, add the following parameters to broker.conf or standalone.conf:
+```properties
+# Configuration to enable authentication and authorization

Review Comment:
   Update this description.
   



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [pulsar] Technoboy- merged pull request #15201: [Improve][doc] add broker config for Oauth2

Posted by GitBox <gi...@apache.org>.

Technoboy- merged PR #15201:
URL: https://github.com/apache/pulsar/pull/15201


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [pulsar] momo-jun commented on a diff in pull request #15201: [Improve][doc] add broker config for Oauth2

Posted by GitBox <gi...@apache.org>.

momo-jun commented on code in PR #15201:
URL: https://github.com/apache/pulsar/pull/15201#discussion_r852623473


##########
site2/docs/security-oauth2.md:
##########
@@ -195,6 +195,20 @@ This example shows how to configure OAuth2 authentication in Node.js client.
 ```
 > Note: The support for OAuth2 authentication is only available in Node.js client 1.6.2 and later versions.
 
+## Broker configuration
+To configure brokers to authenticate clients, add the following parameters to broker.conf or standalone.conf:

Review Comment:
   ```suggestion
   To enable OAuth2 brokers authentication in brokers, add the following parameters to the `broker.conf` or `standalone.conf` file.
   ```



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [pulsar] nodece commented on a diff in pull request #15201: [Improve][doc] add broker config for Oauth2

Posted by GitBox <gi...@apache.org>.

nodece commented on code in PR #15201:
URL: https://github.com/apache/pulsar/pull/15201#discussion_r852244521


##########
site2/docs/security-oauth2.md:
##########
@@ -195,6 +195,21 @@ This example shows how to configure OAuth2 authentication in Node.js client.
 ```
 > Note: The support for OAuth2 authentication is only available in Node.js client 1.6.2 and later versions.
 
+## Broker configuration
+To configure brokers to authenticate clients, add the following parameters to broker.conf or standalone.conf:
+```properties
+# Configuration to enable authentication and authorization
+authenticationEnabled=true
+authenticationProviders=org.apache.pulsar.broker.authentication.AuthenticationProviderToken
+tokenPublicKey=/path/to/publicKey
+superUserRoles=[my-super-user-1,my-super-user-2]

Review Comment:
   ```suggestion
   
   ```



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [pulsar] nodece commented on a diff in pull request #15201: [Improve][doc] add broker config for Oauth2

Posted by GitBox <gi...@apache.org>.

nodece commented on code in PR #15201:
URL: https://github.com/apache/pulsar/pull/15201#discussion_r852245486


##########
site2/docs/security-oauth2.md:
##########
@@ -195,6 +195,22 @@ This example shows how to configure OAuth2 authentication in Node.js client.
 ```
 > Note: The support for OAuth2 authentication is only available in Node.js client 1.6.2 and later versions.
 
+## Broker configuration
+To configure brokers to authenticate clients, add the following parameters to broker.conf or standalone.conf:
+```properties
+# Configuration to enable authentication and authorization
+authenticationEnabled=true
+authorizationEnabled=true

Review Comment:
   @liangyepianzhou 



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [pulsar] momo-jun commented on a diff in pull request #15201: [Improve][doc] add broker config for Oauth2

Posted by GitBox <gi...@apache.org>.

momo-jun commented on code in PR #15201:
URL: https://github.com/apache/pulsar/pull/15201#discussion_r853055837


##########
site2/docs/security-oauth2.md:
##########
@@ -195,6 +195,20 @@ This example shows how to configure OAuth2 authentication in Node.js client.
 ```
 > Note: The support for OAuth2 authentication is only available in Node.js client 1.6.2 and later versions.
 
+## Broker configuration
+To enable OAuth2 brokers authentication in brokers, add the following parameters to the `broker.conf` or `standalone.conf` file.

Review Comment:
   `brokers` between `OAuth2` and `authentication` can be removed?



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org