Versions Compared

Old Version 11

changes.mady.by.user Mayuresh Gharat

Saved on

compared with

New Version Current

changes.mady.by.user Mayuresh Gharat

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

Status

Current state: Under DiscussionClosed (Covered by KIP-189)

Discussion thread: (Original Archive) (Markmail)

...

This KIP introduces a change to Session class to accept a parameter of Java Principal type  instead of KafkaPrincipal type. It also introduces a new API in PrincipalBuilder, that would build a Java Principal from the passed in map of configs. kafka-acls.sh would take in 2 optional command line parameters specifying the PrincipalBuilder class name and the properties used to create the PrincpalBuilder.

Beyond the proposed new configuration key this KIP makes no changes to client or server public APIs.

This change will not affect the default ACL Authorizer (SimpleAclAuthorizer) as we would generate a KafkaPrincipal from the Java Principal in the default Authorizer.

Proposed Changes

  • Change the Session class to accept a parameter of type Java Principal instead of KafkaPrincipal.

    Code Block
    languagejava
    themeMidnight
    case class Session(principal: Principal, clientAddress: InetAddress)

  • The Authorizer can access this principal object as follows :

    Code Block
    languagejava
    themeMidnight
    public boolean authorize(RequestChannel.Session session, Operation operation, Resource resource) {
...
 Principal principal = session.principal();
 User_Defined_Principal principal = (User_Defined_Principal) principal;  
...
}

  • User_Defined_Principal is the Principal generated by the PrincipalBuilder and it implements Java Principal.

    Changes to kafka-acls

    .

    sh

    • Kafka-acls.sh will allow to specify a custom PrincipalBuilder class using a new command line parameter "-- principalBuilder" and PrincipalBuilder configs using a new command line parameter "--principalBuilder-properties".

    • The "--allow-principal" will take list of properties as follows :

      Code Block
      languagejava
      themeMidnight
      bin/kafka-acls.sh ...... --principalBuilder <PrincipalBuilder-class> --principalBuilder-properties <PrincipalBuilder-properties> --add --allow-principal <principal-properties> --allow-principal <principal-properties> ...... --operations Read,Write --topic Test-topic

    • Add a new API to PrincipalBuilder :

      Code Block
      languagejava
      themeMidnight
      public interface PrincipalBuilder extends Configurable {
...

  /**
   * Build a Principal using the provided configs.
   *
   * @param  principalConfigs  configs used to create the Principal
   * @return Principal
   */
  Principal buildPrincipal(Map<String, ?> principalConfigs);

...
}
    • The specified PrincipalBuilder class will be responsible for building the Principal using the <principal-properties>.
    • The Principal generated by this PrincipalBuilder can then be included in KafkaPrincipal using the new constructor specified above.

    • The "--principalBuilder" and "--principalBuilder-properties" parameters are optional. If its not specified, the Kafka-acls.sh would still work as it does today.

Compatibility, Deprecation, and Migration Plan

What impact (if any) will there be on existing users?

The existing users implementing PrincipalBuilder interface will get compile time error and will have to add the new API implementation to resolve it.

If users use there custom PrincipalBuilder, they will have to implement there custom Authorizer as the out of box Authorizer that Kafka provides uses KafkaPrincipalThere is no compatibility impact as there is no change in behavior.

Test Plan

- Unit tests to validate that new changes work as expected without affecting the existing behavior.

Rejected Alternatives

Alternative 1 :

  • Kafka-acls.sh will allow to specify a custom PrincipalBuilder using a new command line parameter "-- principalBuilder" and PrincipalBuilder configs using a new command line parameter "--principalBuilder-properties". Users can use these to build their custom Principal (that implements Java Principal). Add a new API to PrincipalBuilder Interface :

    Code Block
    languagejava
    themeMidnight
    public interface PrincipalBuilder extends Configurable {
...
 /**
 * Build a Principal using name.
 *
 * @param name Principal name
 * @return Principal
 */
 Principal buildPrincipal(String name);
 
...
}
  • This PrincipalBuilder API will then be used to generate a Principal using the names specified in --allow-principal and --deny-principal parameters. This Principal can be included in KafkaPrincipal using the new constructor specified above.
  • This alternative was rejected due to following reasons :

    1. Since the Principal is built using the "--principalBuilder-properties", users can only specify a particular type of Principal(s) (using --allow-principal / --deny-principal) at a time.

    2. If users want to specify multiple types of Principals, they will have to run the kafka-acls.sh multiple times with different "--principalBuilder-properties", even if the Principals might have the same name. For example, we can have a service Principal with name "XYZ" and a user Principal with name "XYZ".

  • Due to above reasons, it is quite clear that it is less user friendly and not intuitive.

Alternative 2 :

  • Changes to kafka-acls.sh

    • Kafka-acls.sh will allow to specify a custom PrincipalBuilder class using a new command line parameter "-- principalBuilder" and PrincipalBuilder configs using a new command line parameter "--principalBuilder-properties".

    • The "--allow-principal" will take list of properties as follows :

      Code Block
      languagejava
      themeMidnight
      bin/kafka-acls.sh ...... --principalBuilder <PrincipalBuilder-class> --principalBuilder-properties <PrincipalBuilder-properties> --add --allow-principal <principal-properties> --allow-principal <principal-properties> ...... --operations Read,Write --topic Test-topic

    • Add a new API to PrincipalBuilder :

      Code Block
      languagejava
      themeMidnight
      public interface PrincipalBuilder extends Configurable {
...

  /**
   * Build a Principal using the provided configs.
   *
   * @param  principalConfigs  configs used to create the Principal
   * @return Principal
   */
  Principal buildPrincipal(Map<String, ?> principalConfigs);

...
}
    • The specified PrincipalBuilder class will be responsible for building the Principal using the <principal-properties>.
    • The Principal generated by this PrincipalBuilder can then be included in KafkaPrincipal using the new constructor specified above.

    • The "--principalBuilder" and "--principalBuilder-properties" parameters are optional. If its not specified, the Kafka-acls.sh would still work as it does today.

  • This was rejected as per discussions on the email thread as this is a nice to have feature but there is no urgent need for this.