polyzos opened a new issue, #1467: URL: https://github.com/apache/fluss/issues/1467
### Search before asking

- [x] I searched in the [issues](https://github.com/alibaba/fluss/issues) and found nothing similar.

### Motivation

### Authentication modes:

* **PLAINTEXT:** no identity checking at all; everyone is “anonymous”.
* **SASL/PLAIN:** user + password pairs defined in the JAAS config string

### Current Limitations

Currently, Fluss doesn’t have a way to **create/delete** users dynamically. When SASL/PLAIN authentication is enabled, users are hardcoded in the server’s JAAS string inside conf/server.yaml; Fluss reads that list at startup. Adding someone later requires you to:

* edit the JAAS line and append another entry
* restart the brokers (or roll out the new container image/config map)

After the node restarts, the new user can log in, and you can assign fine-grained rights using the ACL procedures (CALL … add_acl) that Fluss exposes through Flink SQL or achieve the same via the Java Client API.

### Practical security implications

* **Static user list:** Every credential change triggers a restart; risky if you need emergency revocation.
* **Passwords in clear text:** Anyone with read access to the config sees every password.

To address this limitation, we could introduce something like a **dynamic user management extension** for Fluss. This should allow **creating** and **deleting** users at runtime without broker restarts, by storing credentials in Apache ZooKeeper (or other service) and integrating with Fluss’s authentication framework.

So in a nutshell, something like a **User Management API** in the Fluss client library and a **Dynamic Credential Store** on the Fluss brokers, where user credentials (username & hashed password) are stored persistently in ZooKeeper (ZK), could help solve this. Fluss brokers can load these credentials at startup and monitor changes in ZK to update in-memory user lists on the fly.

### Solution

_No response_

### Anything else?

_No response_

### Willingness to contribute

- [ ] I'm willing to submit a PR!
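A sketch of the credential store the issue proposes, added here as an illustration and not taken from Fluss or from the issue author: users are created and deleted at runtime, and only a salt and a PBKDF2 hash are kept, never the password. The class name, the iteration count and the in-memory map standing in for ZooKeeper are assumptions.

```java
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;

// Hypothetical stand-in for the proposed store; a real broker would persist
// these records in ZooKeeper and refresh the map when a watch fires.
public class DynamicCredentialStore {
    private static final int ITERATIONS = 210_000; // assumed work factor
    private static final int KEY_BITS = 256;
    private static final byte[] DUMMY_SALT = new byte[16];

    private record Entry(byte[] salt, byte[] hash) {}

    private final Map<String, Entry> users = new ConcurrentHashMap<>();
    private final SecureRandom rng = new SecureRandom();

    private static byte[] derive(char[] password, byte[] salt) throws Exception {
        PBEKeySpec spec = new PBEKeySpec(password, salt, ITERATIONS, KEY_BITS);
        try {
            return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256")
                    .generateSecret(spec).getEncoded();
        } finally {
            spec.clearPassword(); // drop the spec's copy of the password
        }
    }

    // Takes effect immediately: no JAAS edit, no broker restart.
    public void createUser(String name, char[] password) throws Exception {
        byte[] salt = new byte[16];
        rng.nextBytes(salt); // per-user random salt
        users.put(name, new Entry(salt, derive(password, salt)));
    }

    // Emergency revocation: the next login attempt for this user fails.
    public boolean deleteUser(String name) {
        return users.remove(name) != null;
    }

    public boolean authenticate(String name, char[] password) throws Exception {
        Entry e = users.get(name);
        // Derive even for unknown users so response time does not reveal
        // which usernames exist.
        byte[] candidate = derive(password, e == null ? DUMMY_SALT : e.salt());
        // Constant-time comparison of the stored and candidate hashes.
        return e != null && MessageDigest.isEqual(e.hash(), candidate);
    }
}
```

Because SASL/PLAIN delivers the password to the broker, the broker can verify it against a stored hash like this without any change on the client side.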
