[ https://issues.apache.org/jira/browse/KAFKA-2211?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14727971#comment-14727971 ]
Jun Rao commented on KAFKA-2211: -------------------------------- A couple of other things: 1. Since the authorizer uses KafkaPrincipal for comparison, in SocketServer, when creating the session object, we should create a KafkaPrincipal instead of using KafkaChannel.principal(). Otherwise, it won't match the KafkaPrincipal used in authorizer. The type in KafkaPrincipal should always be USER and the name should be KafkaChannel.principal().getName(). 2. We should add some unit tests to verify that a client response gets the correct unauthorized error code from the broker if the needed ACL is not set. Ideally we want to cover all types of request and have some mix of authorized and unauthorized topics. This can be done either in this jira or in KAFKA-2212. > KafkaAuthorizer: Add simpleACLAuthorizer implementation. > -------------------------------------------------------- > > Key: KAFKA-2211 > URL: https://issues.apache.org/jira/browse/KAFKA-2211 > Project: Kafka > Issue Type: Sub-task > Components: security > Reporter: Parth Brahmbhatt > Assignee: Parth Brahmbhatt > Priority: Blocker > Fix For: 0.8.3 > > Attachments: KAFKA-2211.patch > > > Subtask-2 for Kafka-1688. > Please see KIP-11 to get details on out of box SimpleACLAuthorizer > implementation > https://cwiki.apache.org/confluence/display/KAFKA/KIP-11+-+Authorization+Interface. -- This message was sent by Atlassian JIRA (v6.3.4#6332)