Hi all, Pulsar has a pluggable authentication mechanism <http://pulsar.apache.org/docs/en/security-extending/#authentication> that currently supports several auth providers.
But currently all the provided authentication are a kind of “single-step" authentication. And under current api it is not able to support mutual authentication between client and server, such as SASL <https://en.wikipedia.org/wiki/Simple_Authentication_and_Security_Layer>. So I am creating a PIP that try to discuss the interface changes to support mutual authentication. Here is the link for PIP-30: https://github.com/apache/pulsar/wiki/PIP-30:-change-authentication-provider-API-to-support-mutual-authentication And here is a PR for better discuss it: https://github.com/apache/pulsar/pull/3677 Thanks a lot. -Jia
