KannarFr commented on PR #17411:
URL: https://github.com/apache/pulsar/pull/17411#issuecomment-1514468941

   > After reviewing this, here are a collection of thoughts on Pulsar's 
Authorization.
   > 
   > At its core, I think the problem described by #17406 is that 
`allowAutoTopicCreation` is a configuration about permission/authorization.
   
   Yes?
   
   > In my view, `allowAutoTopicCreation=true` says "a role with permission 
to produce/consume on a topic also has permission to create that topic".
   
   The HTTP admin API does not comply with this sentence. The CREATE_TOPIC 
operation is defined and used by the HTTP admin API authz checks. I agree that 
this is introducing breaking changes in the permissions system and that this is 
a problem, but there is an authZ plugin provider that provides this operation 
check, and it does not verify it during producer/consumer. So I have no idea 
what the best answer is, but we can't stay like this and need to find a 
solution or make a decision here.
   
   > This change proposes that `allowAutoTopicCreation=true` and 
produce/consume permissions are insufficient, and that a role must also have 
explicit permission to create a topic.
   
   Well, this is the default behavior of every configuration key in Pulsar. 
Like namespace policies or tiered storage configurations, there is a default 
value that can be overridden by custom namespace policies.
   
   
   
   
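A toy model of the two permission semantics argued over in this thread (the implicit model, where produce permission plus `allowAutoTopicCreation` is enough to create a topic, versus the explicit model, where creation also needs a CREATE_TOPIC grant as the HTTP admin API already requires), including the namespace-policy override of the broker default. This is an added example, not Pulsar's code: the `Broker` and `NamespacePolicy` classes, the grant names and the defaults are constructed for illustration.

```python
from dataclasses import dataclass, field
from typing import Dict, Optional, Set

# Operation names are constructed for this model; they stand in for the
# operations discussed in the thread, not Pulsar's real enum values.
PRODUCE = "PRODUCE"
CREATE_TOPIC = "CREATE_TOPIC"


@dataclass
class NamespacePolicy:
    # None means "inherit the broker default", the usual override pattern
    # for Pulsar configuration keys.
    allow_auto_topic_creation: Optional[bool] = None
    # role -> operations granted on topics in this namespace
    grants: Dict[str, Set[str]] = field(default_factory=dict)


@dataclass
class Broker:
    allow_auto_topic_creation: bool = True  # broker-level default (constructed)
    policies: Dict[str, NamespacePolicy] = field(default_factory=dict)
    existing_topics: Set[str] = field(default_factory=set)  # "ns/topic"

    def auto_create_allowed(self, ns: str) -> bool:
        pol = self.policies.get(ns)
        if pol is not None and pol.allow_auto_topic_creation is not None:
            return pol.allow_auto_topic_creation  # namespace policy wins
        return self.allow_auto_topic_creation

    def has_grant(self, ns: str, role: str, op: str) -> bool:
        pol = self.policies.get(ns)
        return pol is not None and op in pol.grants.get(role, set())

    def can_produce(self, ns, topic, role, require_create_grant=False) -> bool:
        """Producer-side check on a possibly non-existent topic.
        require_create_grant=False: produce permission plus the auto-creation
        flag is enough to create the topic (the implicit model).
        require_create_grant=True: the proposal under discussion, creation
        also needs an explicit CREATE_TOPIC grant, like the admin API path."""
        if not self.has_grant(ns, role, PRODUCE):
            return False
        if f"{ns}/{topic}" in self.existing_topics:
            return True  # nothing to create, produce permission suffices
        if not self.auto_create_allowed(ns):
            return False
        return not require_create_grant or self.has_grant(ns, role, CREATE_TOPIC)

    def admin_create_topic(self, ns: str, role: str) -> bool:
        """HTTP admin API path: always gated on CREATE_TOPIC, as noted above."""
        return self.has_grant(ns, role, CREATE_TOPIC)
```

With the implicit model a role holding only PRODUCE can bring a topic into existence through a producer but is refused the same creation by the admin API; the explicit model makes both paths agree.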

