...

Step 1. Filter out resources that are authorized
         1.1 Use traditional principals to verify first
         1.2 If the resource is authorized and this is the active controller, process it
         1.3 Otherwise package the authorized resources and send them to the active controller as an Envelope

Step 2. Check the Envelope request to see if this is a forwarding request, by checking whether it sets the initial principal fields and comes from the privileged listener
        2.1 Use CLUSTER_ACTION to verify, and if the resource is not authorized, return CLUSTER_AUTHORIZATION_FAILURE to propagate back to the original client through the forwarding broker
        2.2 If the resource is authorized but this is not the active controller, return NOT_CONTROLLER to the sender (forwarding broker) for retry
        2.3 Process the resource

Step 3. Handle the returned EnvelopeResponse

        3.1 If the top level error code is NOT_CONTROLLER, retry until timeout
        3.2 If the error is CLUSTER_AUTHORIZATION_FAILURE, set the top level or resource level error code in the original RPC response
        3.3 Merge with the other unauthorized resources and return back to the admin client
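
The three steps above, modelled as an added example (not code from the proposal or from Kafka) for the path where the receiving broker is not the active controller. The Envelope fields, the function names, the UNAUTHORIZED and TIMED_OUT placeholders, the attempt count standing in for the timeout, and the fail-closed handling of an Envelope that does not pass the Step 2 check are all assumptions.

```python
from dataclasses import dataclass
from typing import Optional

NONE = "NONE"
NOT_CONTROLLER = "NOT_CONTROLLER"
CLUSTER_AUTHORIZATION_FAILURE = "CLUSTER_AUTHORIZATION_FAILURE"
UNAUTHORIZED = "UNAUTHORIZED"  # placeholder for the per-resource ACL error (assumed)
TIMED_OUT = "TIMED_OUT"        # placeholder for the retry-timeout outcome (assumed)

@dataclass
class Envelope:                       # hypothetical shape, not the wire format
    resources: list
    initial_principal: Optional[str]  # set only by a forwarding broker
    privileged_listener: bool         # arrived on the privileged listener
    cluster_action: bool              # sender holds CLUSTER_ACTION

def is_forwarding_request(env):
    """Step 2: both conditions must hold for the Envelope to count as forwarded."""
    return env.initial_principal is not None and env.privileged_listener

def controller_handle(env, is_active):
    """Steps 2.1-2.3: returns (top_level_error, per_resource_results)."""
    # Assumption: an Envelope failing the Step 2 check is rejected like 2.1.
    if not is_forwarding_request(env) or not env.cluster_action:
        return CLUSTER_AUTHORIZATION_FAILURE, {}          # 2.1
    if not is_active:
        return NOT_CONTROLLER, {}                         # 2.2
    return NONE, {r: NONE for r in env.resources}         # 2.3

def broker_handle(principal, resources, acl, send, attempts=3):
    """Steps 1 and 3 on a forwarding broker; `send` delivers an Envelope."""
    allowed = [r for r in resources if (principal, r) in acl]       # 1.1
    merged = {r: UNAUTHORIZED for r in resources if r not in allowed}
    if not allowed:
        return merged
    env = Envelope(allowed, principal, True, True)                  # 1.3
    outcome, results = TIMED_OUT, {}
    for _ in range(attempts):                                       # 3.1
        error, results = send(env)
        if error != NOT_CONTROLLER:
            outcome = error
            break
    for r in allowed:                                               # 3.2, 3.3
        merged[r] = results.get(r, NONE) if outcome == NONE else outcome
    return merged
```

Because the authorization check in 2.1 runs before the controller check in 2.2, a sender without CLUSTER_ACTION gets CLUSTER_AUTHORIZATION_FAILURE rather than a retryable NOT_CONTROLLER.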
   

As suggested in the above process, a new error code shall be implemented for internal authentication failure:

...