Re: [DISCUSS] Proxy should always forward the authentication data from the client

2022-11-02 Thread Zixuan Liu
> I think the right solution to this problem is better documentation.

Sounds good, but I worry that the user cannot set up the correct configuration. As infrastructure, we need to ensure the security of users at all times.

> The main users that need to know how to configure broker side authoriza

Re: [DISCUSS] Proxy should always forward the authentication data from the client

2022-11-01 Thread Michael Marshall
> We have a flag to control the value of authentication data. See
> https://github.com/apache/pulsar/blob/82237d3684fe506bcb6426b3b23f413422e6e4fb/pulsar-proxy/src/main/java/org/apache/pulsar/proxy/server/ProxyConnection.java#L316-L322

Great point. I missed the `forwardAuthorizationCredentials` se

Re: [DISCUSS] Proxy should always forward the authentication data from the client

2022-10-31 Thread Zixuan Liu
> This is already the case for both HTTP and pulsar protocols

We have a flag to control the value of authentication data. See https://github.com/apache/pulsar/blob/82237d3684fe506bcb6426b3b23f413422e6e4fb/pulsar-proxy/src/main/java/org/apache/pulsar/proxy/server/ProxyConnection.java#L316-L322 .

>

Re: [DISCUSS] Proxy should always forward the authentication data from the client

2022-10-31 Thread Michael Marshall
Thanks for starting this thread, Zixuan. For additional context, I provided some related feedback in comments on this PR: https://github.com/apache/pulsar/pull/18130.

> So I suggest the proxy should always forward the authentication data from
> the client.

This is already the case for both HTTP

[DISCUSS] Proxy should always forward the authentication data from the client

2022-10-31 Thread Zixuan Liu
Hi all, I want to discuss the authentication data issue, which affects the authorization operation. For the default authorization provider, we only used the role to check the permission; the authentication data was ignored. When a user wants to customize an authorization provider, the user can