You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@pulsar.apache.org by Zixuan Liu <no...@gmail.com> on 2022/11/24 07:40:26 UTC

[DISCUSS] Close the connection quickly after authorization failure

Hi all,

I would like to discuss whether to disconnect the broker and the client
after authorization failure.

Right now the Pulsar doesn't disconnect the client on the broker side after
authorization failure, then this client can still do other operations.

For an unauthorized user, we should disconnect this connection to avoid
hogging resources.

Please let me know what you think.

PR: https://github.com/apache/pulsar/pull/18578

Thanks,
Zixuan

Re: [DISCUSS] Close the connection quickly after authorization failure

Posted by Zixuan Liu <no...@gmail.com>.

Close this discussion.

Zixuan Liu <no...@gmail.com> 于2022年11月28日周一 16:18写道：

> > A connection can be used across multiple topics.
>
> Thank you for your explanation. You are right.
>
> Thanks,
> Zixuan
>
> PengHui Li <pe...@apache.org> 于2022年11月28日周一 11:28写道：
>
>> > I would like to discuss whether to disconnect the broker and the client
>> after authorization failure.
>>
>> I don't think we should close the connection for authorization failure.
>> A connection can be used across multiple topics. Irrationality is no
>> accessibility of a topic will disconnect producers and consumers that
>> have access to other topics.
>>
>> Thanks,
>> Penghui
>>
>> On Thu, Nov 24, 2022 at 4:52 PM Zixuan Liu <no...@gmail.com> wrote:
>>
>> > Hi Haiting,
>> >
>> > >Just want to make sure if we disconnect the connection, what's the
>> > behavior of the client?
>> >
>> > The client reconnects with the broker multiple times. When the maximum
>> > number of reconnections is reached, the client shutdown completely.
>> >
>> > Thanks,
>> > Zixuan
>> >
>> > Haiting Jiang <ji...@gmail.com> 于2022年11月24日周四 16:04写道：
>> >
>> > > Hi Zixuan,
>> > >
>> > > Just want to make sure if we disconnect the connection, what's the
>> > > behavior of the client?
>> > > will it throw exceptions and fail, or do retries?
>> > > Is the client possibly doing too many retries and crashing the server?
>> > >
>> > > Thanks,
>> > > Haiting
>> > >
>> > > On Thu, Nov 24, 2022 at 3:41 PM Zixuan Liu <no...@gmail.com> wrote:
>> > > >
>> > > > Hi all,
>> > > >
>> > > > I would like to discuss whether to disconnect the broker and the
>> client
>> > > > after authorization failure.
>> > > >
>> > > > Right now the Pulsar doesn't disconnect the client on the broker
>> side
>> > > after
>> > > > authorization failure, then this client can still do other
>> operations.
>> > > >
>> > > > For an unauthorized user, we should disconnect this connection to
>> avoid
>> > > > hogging resources.
>> > > >
>> > > > Please let me know what you think.
>> > > >
>> > > > PR: https://github.com/apache/pulsar/pull/18578
>> > > >
>> > > > Thanks,
>> > > > Zixuan
>> > >
>> >
>>
>

Re: [DISCUSS] Close the connection quickly after authorization failure

Posted by Zixuan Liu <no...@gmail.com>.

> A connection can be used across multiple topics.

Thank you for your explanation. You are right.

Thanks,
Zixuan

PengHui Li <pe...@apache.org> 于2022年11月28日周一 11:28写道：

> > I would like to discuss whether to disconnect the broker and the client
> after authorization failure.
>
> I don't think we should close the connection for authorization failure.
> A connection can be used across multiple topics. Irrationality is no
> accessibility of a topic will disconnect producers and consumers that
> have access to other topics.
>
> Thanks,
> Penghui
>
> On Thu, Nov 24, 2022 at 4:52 PM Zixuan Liu <no...@gmail.com> wrote:
>
> > Hi Haiting,
> >
> > >Just want to make sure if we disconnect the connection, what's the
> > behavior of the client?
> >
> > The client reconnects with the broker multiple times. When the maximum
> > number of reconnections is reached, the client shutdown completely.
> >
> > Thanks,
> > Zixuan
> >
> > Haiting Jiang <ji...@gmail.com> 于2022年11月24日周四 16:04写道：
> >
> > > Hi Zixuan,
> > >
> > > Just want to make sure if we disconnect the connection, what's the
> > > behavior of the client?
> > > will it throw exceptions and fail, or do retries?
> > > Is the client possibly doing too many retries and crashing the server?
> > >
> > > Thanks,
> > > Haiting
> > >
> > > On Thu, Nov 24, 2022 at 3:41 PM Zixuan Liu <no...@gmail.com> wrote:
> > > >
> > > > Hi all,
> > > >
> > > > I would like to discuss whether to disconnect the broker and the
> client
> > > > after authorization failure.
> > > >
> > > > Right now the Pulsar doesn't disconnect the client on the broker side
> > > after
> > > > authorization failure, then this client can still do other
> operations.
> > > >
> > > > For an unauthorized user, we should disconnect this connection to
> avoid
> > > > hogging resources.
> > > >
> > > > Please let me know what you think.
> > > >
> > > > PR: https://github.com/apache/pulsar/pull/18578
> > > >
> > > > Thanks,
> > > > Zixuan
> > >
> >
>

Re: [DISCUSS] Close the connection quickly after authorization failure

Posted by PengHui Li <pe...@apache.org>.

> I would like to discuss whether to disconnect the broker and the client
after authorization failure.

I don't think we should close the connection for authorization failure.
A connection can be used across multiple topics. Irrationality is no
accessibility of a topic will disconnect producers and consumers that
have access to other topics.

Thanks,
Penghui

On Thu, Nov 24, 2022 at 4:52 PM Zixuan Liu <no...@gmail.com> wrote:

> Hi Haiting,
>
> >Just want to make sure if we disconnect the connection, what's the
> behavior of the client?
>
> The client reconnects with the broker multiple times. When the maximum
> number of reconnections is reached, the client shutdown completely.
>
> Thanks,
> Zixuan
>
> Haiting Jiang <ji...@gmail.com> 于2022年11月24日周四 16:04写道：
>
> > Hi Zixuan,
> >
> > Just want to make sure if we disconnect the connection, what's the
> > behavior of the client?
> > will it throw exceptions and fail, or do retries?
> > Is the client possibly doing too many retries and crashing the server?
> >
> > Thanks,
> > Haiting
> >
> > On Thu, Nov 24, 2022 at 3:41 PM Zixuan Liu <no...@gmail.com> wrote:
> > >
> > > Hi all,
> > >
> > > I would like to discuss whether to disconnect the broker and the client
> > > after authorization failure.
> > >
> > > Right now the Pulsar doesn't disconnect the client on the broker side
> > after
> > > authorization failure, then this client can still do other operations.
> > >
> > > For an unauthorized user, we should disconnect this connection to avoid
> > > hogging resources.
> > >
> > > Please let me know what you think.
> > >
> > > PR: https://github.com/apache/pulsar/pull/18578
> > >
> > > Thanks,
> > > Zixuan
> >
>

Re: [DISCUSS] Close the connection quickly after authorization failure

Posted by Zixuan Liu <no...@gmail.com>.

Hi Haiting,

>Just want to make sure if we disconnect the connection, what's the
behavior of the client?

The client reconnects with the broker multiple times. When the maximum
number of reconnections is reached, the client shutdown completely.

Thanks,
Zixuan

Haiting Jiang <ji...@gmail.com> 于2022年11月24日周四 16:04写道：

> Hi Zixuan,
>
> Just want to make sure if we disconnect the connection, what's the
> behavior of the client?
> will it throw exceptions and fail, or do retries?
> Is the client possibly doing too many retries and crashing the server?
>
> Thanks,
> Haiting
>
> On Thu, Nov 24, 2022 at 3:41 PM Zixuan Liu <no...@gmail.com> wrote:
> >
> > Hi all,
> >
> > I would like to discuss whether to disconnect the broker and the client
> > after authorization failure.
> >
> > Right now the Pulsar doesn't disconnect the client on the broker side
> after
> > authorization failure, then this client can still do other operations.
> >
> > For an unauthorized user, we should disconnect this connection to avoid
> > hogging resources.
> >
> > Please let me know what you think.
> >
> > PR: https://github.com/apache/pulsar/pull/18578
> >
> > Thanks,
> > Zixuan
>

Re: [DISCUSS] Close the connection quickly after authorization failure

Posted by Haiting Jiang <ji...@gmail.com>.

Hi Zixuan,

Just want to make sure if we disconnect the connection, what's the
behavior of the client?
will it throw exceptions and fail, or do retries?
Is the client possibly doing too many retries and crashing the server?

Thanks,
Haiting

On Thu, Nov 24, 2022 at 3:41 PM Zixuan Liu <no...@gmail.com> wrote:
>
> Hi all,
>
> I would like to discuss whether to disconnect the broker and the client
> after authorization failure.
>
> Right now the Pulsar doesn't disconnect the client on the broker side after
> authorization failure, then this client can still do other operations.
>
> For an unauthorized user, we should disconnect this connection to avoid
> hogging resources.
>
> Please let me know what you think.
>
> PR: https://github.com/apache/pulsar/pull/18578
>
> Thanks,
> Zixuan