nodece commented on code in PR #21429:
URL: https://github.com/apache/pulsar/pull/21429#discussion_r1371777873
##########
pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authentication/AuthenticationDataSubscription.java:
##########
@@ -71,4 +71,8 @@ public boolean hasSubscription() {
public String getSubscription() {
return subscription;
}
+
+ public AuthenticationDataSource getAuthData() {
Review Comment:
I have communicated with @Technoboy- T offline. I don't suggest that add
`getAuthData()` method, and makes the code difficult to maintain.
The following are my ideas:
- idea 1
Add a new `AuthenticationDataSource` for the anonymous role, and then check
the `authData` type.
- idea 2
Change the
`org.apache.pulsar.broker.authorization.MultiRolesTokenAuthorizationProvider#getRoles`
logic to quickly return `role` when `role` equals anonymous role:
```
private Set<String> getRoles(String role, AuthenticationDataSource
authData) {
if (authData == null || role.equals(conf.getAnonymousUserRole())) {
return Collections.singleton(role);
}
```
There will be a pitfall here, if the client role is equal to the anonymous
role, the real roles cannot be obtained from `authData`.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
