ivankelly opened a new pull request #2028: Original principal authorization for admin API URL: https://github.com/apache/incubator-pulsar/pull/2028 The broker admin checks if the authenticated user is listed as a proxy user. If so, it checks looks for the header X-Original-Principal, and validates that the role is authorized to access the resource in question. There are two use cases: 1. The proxy role is a normal role. In this case, if a resource is to be used via the proxy, the proxy user must be explicitly granted permission on the resource. So, to use the admin api for a tenant, the proxy role must be listed as a tenant admin. 2. The proxy role is a superuser role. In this case, any resource can be used via the proxy as long as the user authorized with the proxy is authorized to use the resource. However, if the proxy is compromised, a bad actor has full access to the cluster. This patch is the first part of a fix for #1991.
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services
