Divij Vaidya created KAFKA-18766:
------------------------------------

Summary: Docs: Make usage of allow.everyone.if.no.acl.found config clearer
Key: KAFKA-18766
URL: https://issues.apache.org/jira/browse/KAFKA-18766
Project: Kafka
Issue Type: Improvement
Components: documentation
Reporter: Divij Vaidya

h2. *Motivation*

In the documentation today, we have the following sentence:

{quote}By default, if no ResourcePatterns match a specific Resource R, then R has no associated ACLs, and therefore no one other than super users is allowed to access R. If you want to change that behavior, you can include the following in server.properties.
{quote}

Although it is correct, I have observed users being confused by it. I think it could be made clearer that the default is deny and that this property is a way to change the default.

h2. Change

Replace the above with the following:

*Default Behavior Without ACLs:*
If a resource (R) does not have any ACLs defined—that is, if no ACL matches the resource—Kafka will restrict access to that resource. In this situation, only super users (administrators) are allowed to access it.

*Changing the Default Behavior:*
If you prefer that resources without any ACLs be accessible by all users (instead of just super users), you can change the default behavior. To do this, add the following line to your server.properties file:

allow.everyone.if.no.acl.found=true

With this setting enabled, if a resource does not have any ACLs defined, Kafka will allow access to everyone. If a resource has one or more ACLs defined, those ACL rules will be enforced as usual, regardless of the setting.

h2. Testing

Test the change in the documentation by spinning up a local server using the instructions at: [https://cwiki.apache.org/confluence/display/KAFKA/Setup+Kafka+Website+on+Local+Apache+Server]

--
This message was sent by Atlassian Jira (v8.20.10#820010)
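
The decision order that the proposed wording describes, as an added example that is not part of the original issue and is not Kafka's authorizer code: a simplified Python model of "super user, then no-ACL default, then ACL enforcement". Hosts and implied operations are omitted, and all principal and topic names are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Acl:
    principal: str      # e.g. "User:alice", or "User:*" for every principal
    pattern_type: str   # "LITERAL" or "PREFIXED"
    name: str           # resource name, name prefix, or "*" (literal wildcard)
    operation: str      # e.g. "READ", "WRITE"
    permission: str     # "ALLOW" or "DENY"

def pattern_matches(acl, resource):
    """True if the ACL's resource pattern covers the resource name."""
    if acl.pattern_type == "PREFIXED":
        return resource.startswith(acl.name)
    return acl.name in ("*", resource)

def authorize(principal, operation, resource, acls,
              super_users=frozenset(), allow_everyone_if_no_acl_found=False):
    # 1. Super users bypass ACL evaluation entirely.
    if principal in super_users:
        return True
    # 2. The "no ACL found" test is per resource: any ACL whose pattern
    #    matches the resource counts, whoever it names and whatever it grants.
    matching = [a for a in acls if pattern_matches(a, resource)]
    if not matching:
        return allow_everyone_if_no_acl_found   # False = default deny
    # 3. ACLs exist, so they are enforced and the setting no longer matters.
    relevant = [a for a in matching
                if a.principal in (principal, "User:*")
                and a.operation == operation]
    if any(a.permission == "DENY" for a in relevant):
        return False                            # DENY takes precedence
    return any(a.permission == "ALLOW" for a in relevant)

def demo():
    # Constructed sample: one ACL on topic "payments", none on "scratch".
    acls = [Acl("User:alice", "LITERAL", "payments", "READ", "ALLOW")]
    return {
        "scratch_default": authorize("User:bob", "READ", "scratch", acls),
        "scratch_flag_on": authorize("User:bob", "READ", "scratch", acls,
                                     allow_everyone_if_no_acl_found=True),
        "payments_flag_on": authorize("User:bob", "READ", "payments", acls,
                                      allow_everyone_if_no_acl_found=True),
    }

if __name__ == "__main__":
    print(demo())
```

In this model, with the setting enabled, a resource with no ACLs is readable and writable by any principal until its first ACL is created, and a PREFIXED or wildcard ACL can change the outcome for many resources at once.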