I update the document here
https://github.com/apache/pulsar-manager/wiki/Authentication-and-Authorization-in-Pulsar-Manager,
please reply to this email if you have any questions, then I will implement
this feature according to the document.
Thanks,
Guangning
Guangning E 于2019年11月22日周五 上午11:10写道:
I got it. I think the current architecture is ok, a developer will get a
token, he has the token, he can produce and consume messages, after
entering the platform, he can only see the topic bound with the token or
some statistical information of namespace, he does not have any permission
to change
Readonly role at pulsar-manager level. In our case we allow developers
to access pulsar-manager to analyze topic metrics (produce /consume
rate, list of consumers & subscriptions etc ). But we don't want to
allow them to make any changes to the pulsar resources, such as
clusters, namespaces or topi
I'd like to know what you mean by read-only role and what operations it is
mainly used for. At present, pulsar-manager manages the permissions that
already exist in pulsar. I see that there are two PIP's on permission
improvement in pulsar. On this basis, we can easily expand roles in
pulsar-manage
Hi Guangning, Overall looks good. I am looking forward for an example how
can we create a read only role ? Can we please add an `read` action also
into verb list ?
On Thu, Nov 21, 2019, 12:40 PM Guangning E wrote:
> Hi everyone,
> The current pulsar-manager already supports basic JWT certificati
Hi everyone,
The current pulsar-manager already supports basic JWT certification,
authorization and management, and we want to further integrate with
pulsar's multi-tenant system, so we drafted the following document on the
certification and authorization of the pulsar-manager. If you have any
idea
