michaeljmarshall commented on PR #19455: URL: https://github.com/apache/pulsar/pull/19455#issuecomment-1463223990
> This change is always positive, but we shouldn't affect the old version because many users don't care about the `proxyRoles`. Once the user upgrades the Pulsar version, this user gets an error about the proxy role. I do not think we should revert this change from old branches. The risk to users is that misconfiguration leads to excessive permissions, as I documented. The solution is to use dedicated authentication data for a proxy so that it has a proxy role. I will reply on the mailing list as well. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
