[
https://issues.apache.org/jira/browse/KAFKA-3469?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15222336#comment-15222336
]
Flavio Junqueira commented on KAFKA-3469:
-----------------------------------------
[~singhashish] right, you're assuming two different principals and the current
implementation assumes that there is only one shared by all processes that
access the znodes. During the discussion of KIP-38 we talked about enabling the
addition of different principal so that we can support scenarios like the one
you describe. Currently, that's not possible, but zk itself does support it.
Perhaps this jira could be the implementation of that feature.
> kafka-topics lock down znodes with user principal when zk security is enabled.
> ------------------------------------------------------------------------------
>
> Key: KAFKA-3469
> URL: https://issues.apache.org/jira/browse/KAFKA-3469
> Project: Kafka
> Issue Type: Bug
> Reporter: Ashish K Singh
> Assignee: Ashish K Singh
>
> In envs where ZK is kerberized, if a user, other than user running kafka
> processes, creates a topic, ZkUtils will lock down corresponding znodes for
> the user. Kafka will not be able to modify those znodes and that leaves the
> topic unusable.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
