lhotari opened a new pull request #9746:
URL: https://github.com/apache/pulsar/pull/9746
Fixes #9709
### Motivation
Enabling authorization without enabling authentication leads to inconsistent
behavior.
In some parts of the code, authorization is enforced only when both
authorization is enabled and authentication is enabled. In a few places, it's
enforced if authorization is enabled without checking for authentication.
To prevent misleading behavior, it's better to check at startup time that
authentication is enabled when authorization is enabled.
### Modifications
- check the configuration before starting the Pulsar broker or Pulsar proxy
- fix AuthorizationTest where authentication configuration was missing
- add the necessary authentication configuration for the test
### About the fix to flaky test AuthorizationTest.simple
This change fixes the flaky test #9709, but it remains unclear why the test
was passing in some cases.
It seems that the test is picking up state from some other test run. There
are interesting observations in PR #9740 about the reasons why it passes in
some cases.
Some effort was put into checking if the usage of [Jersey / JAX RS
`@Context`
annotation](https://eclipse-ee4j.github.io/jersey.github.io/documentation/latest/jaxrs-resources.html#d0e2871)
on the PulsarWebResource's httpRequest field could be causing some concurrency
issue, but that verification didn't reveal issues.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
