There is a security proposal in the works https://cwiki.apache.org/confluence/display/KAFKA/Security but nothing yet.
How to prevent your scenario is going to depend a little on what circumstances would occur where test messages are occurring in production but is something you have to take care of yourself. I used to have test messages in production because clients needed to qa creatives of an ad before it went live (or integration testing with publishers and networks before running their first campaign) however those "test" impressions and "test" events were never billable. We added a flag on our data (isProduction) and ran it through another public interface but it all ended up in the same place all within our production infrastructure but isProduction=0 was excluded in any official production reports for real campaigns. For us it was important for the data at rest to contain where it came from so under audit we could prove this and segregate things. /******************************************* Joe Stein Founder, Principal Consultant Big Data Open Source Security LLC http://www.stealth.ly Twitter: @allthingshadoop <http://www.twitter.com/allthingshadoop> ********************************************/ On Mon, Nov 4, 2013 at 4:19 AM, zhao weinan <xcvisc...@gmail.com> wrote: > Hi, i've searched the mailing list archive, but nothing found. I'm > wondering how to prevent test producer from sending dirty messages to a > production broker? > > -- > zhaown >
