BewareMyPower commented on code in PR #15799: URL: https://github.com/apache/pulsar/pull/15799#discussion_r882322995
########## site2/docs/security-extending.md: ########## @@ -52,7 +52,19 @@ authenticationProviders= ``` -For the implementation of the `org.apache.pulsar.broker.authentication.AuthenticationProvider` interface, refer to [here](https://github.com/apache/pulsar/blob/master/pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authentication/AuthenticationProvider.java). +:::tip + +Pulsar supports an authentication provider chain that contains multiple authentication providers with the same authentication method name. + +For example, your Pulsar cluster uses JSON Web Token (JWT) authentication and you want to upgrade it to use OAuth2.0 authentication. Both JWT and OAuth2.0 share the same authentication method name. In this case, you can chain the two class names in `authenticationProviders` and separate them by using a comma. + +```properties +authenticationProviders=org.apache.pulsar.broker.authentication.AuthenticationProviderJWT,org.apache.pulsar.broker.authentication.AuthenticationProviderOAuth2 Review Comment: There is no `AuthenticationProviderJWT`, instead, it should be `AuthenticationProviderToken`. There is no `AuthenticationProviderOAuth2` in Pulsar repo as well. Pulsar uses `AuthenticationProviderToken` to enable OAuth2 authentication as well, see https://pulsar.apache.org/docs/next/security-oauth2#broker-configuration. https://github.com/apache/pulsar/pull/9094 is not a PR that supports chained authentication providers, it supports chained authentication providers **with the same auth method name**. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
