Jay Kreps created KAFKA-1688:
--------------------------------
Summary: Add authorization interface and naive implementation
Key: KAFKA-1688
URL: https://issues.apache.org/jira/browse/KAFKA-1688
Project: Kafka
Issue Type: Sub-task
Reporter: Jay Kreps
Add a PermissionManager interface as described here:
https://cwiki.apache.org/confluence/display/KAFKA/Security
(possibly there is a better name?)
Implement calls to the PermissionsManager in KafkaApis for the main requests
(FetchRequest, ProduceRequest, etc). We will need to add a new error code and
exception to the protocol to indicate "permission denied".
Add a server configuration to give the class you want to instantiate that
implements that interface. That class can define its own configuration
properties from the main config file.
Provide a simple implementation of this interface which just takes a user and
ip whitelist and permits those in either of the whitelists to do anything, and
denies all others.
Rather than writing an integration test for this class we can probably just use
this class for the TLS and SASL authentication testing.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
