Related to these questions, I create a jira to track testing/validating these expectations for both the internal SimpleAuthorizer and any third party implemented authorizer:
KAFKA-3329 <https://issues.apache.org/jira/browse/KAFKA-3329>: Validation script to test expected behavior of Authorizer implementations On Thu, Mar 3, 2016 at 11:33 AM, Grant Henke <ghe...@cloudera.com> wrote: > I am working on the List/Alter ACLs patch ( > https://github.com/apache/kafka/pull/1005) for KIP-4 and have a few > questions around expectations for an Authorizer implementation: > > - What is the expected behavior when I add the same ACL twice? > - What is the expected behavior when I remove an ACL that is not set? > - What type of "permission inheritance" is an implementer of the > Authorizer interface supposed to follow: > - Example: READ or WRITE automatically grants DESCRIBE > - Is the Authorizer implementation expected to manage blocking/local > cache consistency across all instances? > - Or should all requests go to 1 instance? > - This is related to the bug found while working on this patch: > KAFKA-3328 <https://issues.apache.org/jira/browse/KAFKA-3328> > > Thanks, > Grant > > -- > Grant Henke > Software Engineer | Cloudera > gr...@cloudera.com | twitter.com/gchenke | linkedin.com/in/granthenke > -- Grant Henke Software Engineer | Cloudera gr...@cloudera.com | twitter.com/gchenke | linkedin.com/in/granthenke