Table of Contents |
---|
Status
Current state: Under DiscussionClosed (Covered by KIP-189)
Discussion thread: (Original Archive) (Markmail)
...
This KIP introduces a change to Session
class to accept a parameter of Java Principal
type instead of KafkaPrincipal
type.
This change will not affect the default ACL Authorizer
(SimpleAclAuthorizer
) as we would generate a KafkaPrincipal
from the Java Principal
in the default Authorizer
.
Proposed Changes
Change the
Session
class to accept a parameter of typeJava Principal
instead ofKafkaPrincipal
.Code Block language java theme Midnight case class Session(principal: Principal, clientAddress: InetAddress)
The
Authorizer
can access this principal object as follows :Code Block language java theme Midnight public boolean authorize(RequestChannel.Session session, Operation operation, Resource resource) { ... Principal principal = session.principal(); User_Defined_Principal principal = (User_Defined_Principal) principal; ... }
User_Defined_Principal
is thePrincipal
generated by thePrincipalBuilder
and it implementsJava Principal.
...
- This
PrincipalBuilder
API will then be used to generate aPrincipal
using the names specified in --allow-principal and --deny-principal parameters. ThisPrincipal
can be included inKafkaPrincipal
using the new constructor specified above. - This alternative was rejected due to following reasons :
Since the
Principal
is built using the "--principalBuilder-properties", users can only specify a particular type ofPrincipal
(s) (using --allow-principal / --deny-principal) at a time.If users want to specify multiple types of Principals, they will have to run the kafka-acls.sh multiple times with different "--principalBuilder-properties", even if the Principals might have the same name. For example, we can have a service
Principal
with name "XYZ" and a userPrincipal
with name "XYZ".
- Due to above reasons, it is quite clear that it is less user friendly and not intuitive.
Alternative 2 :
Changes to kafka-acls.sh
- Kafka-acls.sh will allow to specify a custom
PrincipalBuilder
class using a new command line parameter "-- principalBuilder" andPrincipalBuilder
configs using a new command line parameter "--principalBuilder-properties". The "--allow-principal" will take list of properties as follows :
Code Block language java theme Midnight bin/kafka-acls.sh ...... --principalBuilder <PrincipalBuilder-class> --principalBuilder-properties <PrincipalBuilder-properties> --add --allow-principal <principal-properties> --allow-principal <principal-properties> ...... --operations Read,Write --topic Test-topic
Add a new API to
PrincipalBuilder
:Code Block language java theme Midnight public interface PrincipalBuilder extends Configurable { ... /** * Build a Principal using the provided configs. * * @param principalConfigs configs used to create the Principal * @return Principal */ Principal buildPrincipal(Map<String, ?> principalConfigs); ... }
- The specified
PrincipalBuilder
class will be responsible for building thePrincipal
using the <principal-properties>. - The
Principal
generated by thisPrincipalBuilder
can then be included inKafkaPrincipal
using the new constructor specified above. The "--principalBuilder" and "--principalBuilder-properties" parameters are optional. If its not specified, the Kafka-acls.sh would still work as it does today.
- Kafka-acls.sh will allow to specify a custom
- This was rejected as per discussions on the email thread as this is a nice to have feature but there is no urgent need for this.
...