dragonls edited a comment on issue #10221: URL: https://github.com/apache/pulsar/issues/10221#issuecomment-819207592
Digging into the code, the broker will check the operation in [org.apache.pulsar.broker.service.ServerCnx#isTopicOperationAllowed](https://github.com/apache/pulsar/blob/master/pulsar-broker/src/main/java/org/apache/pulsar/broker/service/ServerCnx.java#L305).

In this case: `service.isAuthorizationEnabled()` is `true`, `originalPrincipal` is `roleA`, `authRole` is `proxy-admin`. `isProxyAuthorizedFuture` will be `true`, `isAuthorizedFuture` will throw the `PulsarServerException` (actually thrown in [org.apache.pulsar.broker.authorization.PulsarAuthorizationProvider#canConsumeAsync](https://github.com/apache/pulsar/blob/master/pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authorization/PulsarAuthorizationProvider.java#L135); passing `proxy-admin` as the role will throw the exception), which results in the failure of the consumer.

One simple solution is to use `permissionFuture.complete(false)` instead of `permissionFuture.completeExceptionally(ex)`, not throwing the exception in [org.apache.pulsar.broker.authorization.PulsarAuthorizationProvider#canConsumeAsync](https://github.com/apache/pulsar/blob/master/pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authorization/PulsarAuthorizationProvider.java#L135). But I don't think it is a good solution; it may change the error message for those consumers using an invalid role to subscribe, e.g., `roleB` subscribing to `persistent://test/auth/topic` with subscription `roleA-test`.

--
This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected]
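The trade-off described in the comment above, as an added example that is not part of the original comment and is not Pulsar's code: it shows how one exceptionally completed `CompletableFuture` fails a combined authorization decision, and how `complete(false)` makes that case indistinguishable from an ordinary denial. The class, the `roleCheck` and `decide` helpers, the exception type and the "both checks must pass" combination are assumptions made for illustration.

```java
import java.util.concurrent.CompletableFuture;
import java.util.concurrent.CompletionException;

public class PermissionFutureDemo {
    // Hypothetical stand-in for a provider check (not Pulsar's implementation).
    // failHard = true mirrors completeExceptionally(ex); false mirrors complete(false).
    static CompletableFuture<Boolean> roleCheck(String role, boolean failHard) {
        CompletableFuture<Boolean> permissionFuture = new CompletableFuture<>();
        if ("proxy-admin".equals(role)) {
            // Constructed condition: a role the check cannot evaluate.
            if (failHard) {
                permissionFuture.completeExceptionally(
                        new IllegalStateException("cannot evaluate role " + role));
            } else {
                permissionFuture.complete(false);
            }
        } else {
            // Constructed policy: only roleA holds the consume permission.
            permissionFuture.complete("roleA".equals(role));
        }
        return permissionFuture;
    }

    // Assumed combination: the operation is allowed only if both checks pass.
    static String decide(CompletableFuture<Boolean> proxyOk,
                         CompletableFuture<Boolean> clientOk) {
        try {
            boolean allowed = proxyOk.thenCombine(clientOk, (p, c) -> p && c).join();
            return allowed ? "ALLOWED" : "DENIED (not authorized)";
        } catch (CompletionException e) {
            // An exceptional input future fails the combined future as well.
            return "ERROR (" + e.getCause().getMessage() + ")";
        }
    }

    public static void main(String[] args) {
        CompletableFuture<Boolean> proxyOk = CompletableFuture.completedFuture(true);
        // Exceptional completion: the caller sees an error, not a decision.
        System.out.println(decide(proxyOk, roleCheck("proxy-admin", true)));
        // complete(false): the failure is reported as a plain denial...
        System.out.println(decide(proxyOk, roleCheck("proxy-admin", false)));
        // ...which reads the same as a genuinely unauthorized role.
        System.out.println(decide(proxyOk, roleCheck("roleB", false)));
    }
}
```

If the two outcomes need to stay distinguishable for logging or client error messages, the denial path has to carry a reason alongside the boolean rather than collapsing both into `false`.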
