This is an automated email from the ASF dual-hosted git repository.
mmarshall pushed a commit to branch branch-2.10
in repository https://gitbox.apache.org/repos/asf/pulsar.git
The following commit(s) were added to refs/heads/branch-2.10 by this push:
new 36f0db58136 [fix][broker] Only validate superuser access if authz
enabled (#19989)
36f0db58136 is described below
commit 36f0db581361e596fb7984a6c57ce192a1d4459c
Author: Michael Marshall <[email protected]>
AuthorDate: Wed Apr 5 18:10:55 2023 -0500
[fix][broker] Only validate superuser access if authz enabled (#19989)
In #19455, I added a requirement that only the proxy role could supply an
original principal. That check is only supposed to apply when the broker has
authorization enabled. However, in one case, that was not the case. This PR
does a check and returns early when authorization is not enabled in the broker.
See https://github.com/apache/pulsar/pull/19830#issuecomment-1492262201 for
additional motivation.
* Update the `PulsarWebResource#validateSuperUserAccessAsync` to only
validate when authentication and authorization are enabled in the configuration.
This is a trivial change. It'd be good to add tests, but I didn't include
them here because this is a somewhat urgent fix. There was one test that broke
because of this change, so there is at least some existing coverage.
- [x] `doc-not-needed`
PR in forked repository: https://github.com/michaeljmarshall/pulsar/pull/39
(cherry picked from commit 1a6c28dd0072de05a544dbc9243bfbe6bccea5db)
---
.../pulsar/broker/web/PulsarWebResource.java | 29 ++++++++--------------
1 file changed, 11 insertions(+), 18 deletions(-)
diff --git
a/pulsar-broker/src/main/java/org/apache/pulsar/broker/web/PulsarWebResource.java
b/pulsar-broker/src/main/java/org/apache/pulsar/broker/web/PulsarWebResource.java
index 1015369ee5d..54f96cfb0b0 100644
---
a/pulsar-broker/src/main/java/org/apache/pulsar/broker/web/PulsarWebResource.java
+++
b/pulsar-broker/src/main/java/org/apache/pulsar/broker/web/PulsarWebResource.java
@@ -183,8 +183,8 @@ public abstract class PulsarWebResource {
return true;
}
- public CompletableFuture<Void> validateSuperUserAccessAsync(){
- if (!config().isAuthenticationEnabled()) {
+ public CompletableFuture<Void> validateSuperUserAccessAsync() {
+ if (!config().isAuthenticationEnabled() ||
!config().isAuthorizationEnabled()) {
return CompletableFuture.completedFuture(null);
}
String appId = clientAppId();
@@ -219,22 +219,15 @@ public abstract class PulsarWebResource {
}
});
} else {
- if (config().isAuthorizationEnabled()) {
- return pulsar.getBrokerService()
- .getAuthorizationService()
- .isSuperUser(appId, clientAuthData())
- .thenAccept(proxyAuthorizationSuccess -> {
- if (!proxyAuthorizationSuccess) {
- throw new RestException(Status.UNAUTHORIZED,
- "This operation requires super-user
access");
- }
- });
- }
- if (log.isDebugEnabled()) {
- log.debug("Successfully authorized {} as super-user",
- appId);
- }
- return CompletableFuture.completedFuture(null);
+ return pulsar.getBrokerService()
+ .getAuthorizationService()
+ .isSuperUser(appId, clientAuthData())
+ .thenAccept(proxyAuthorizationSuccess -> {
+ if (!proxyAuthorizationSuccess) {
+ throw new RestException(Status.UNAUTHORIZED,
+ "This operation requires super-user
access");
+ }
+ });
}
}
