On Wednesday, October 12, 2022, Patrik Márton (Jira) <j...@apache.org> wrote:
> Patrik Márton created KAFKA-14293: > ------------------------------------- > > Summary: Basic Auth filter should set the SecurityContext > after a successful login > Key: KAFKA-14293 > URL: https://issues.apache.org/jira/browse/KAFKA-14293 > Project: Kafka > Issue Type: Improvement > Reporter: Patrik Márton > > > Currently, the JaasBasicAuthFilter does not set the security context of > the request after a successful login. However, this information of an > authenticated user might be required for further processing, for example to > perform authorization checks after the authentication. > > > The filter should be extended to add the Security Context after a > successful login. > > Another improvement would be to assign the right Priority to the filter. > The current implementation uses the default priority, which is > Priorities.USER = 5000. This is a lower priority than for example > AUTHORIZATION, which means that the basic auth filter would run after > authorization filters. > > > Assing the correct Priorities.AUTHENTICATION = 1000 priority to the > filter > > > > -- > This message was sent by Atlassian Jira > (v8.20.10#820010) >
