[
https://issues.apache.org/jira/browse/KAFKA-5714?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16123932#comment-16123932
]
Alla Tumarkin commented on KAFKA-5714:
--------------------------------------
Here is the scenario (actual commands below)
- Remove all ACLs
- In server.properties, add the principal as it is in the certificate, without
removing white spaces
{code}
super.users=User:CN=Unknown, OU=Unknown, O=Unknown, L=Unknown, ST=Unknown,
C=Unknown
{code}
- Restart the broker
- Create a topic - will work
- Delete this topic - will mark for deletion but actually will not get deleted
To fix this, repeat the steps from above, with principal name that has no spaces
{code}
super.users=User:CN=Unknown,OU=Unknown,O=Unknown,L=Unknown,ST=Unknown,C=Unknown
{code}
Commands
{code}
bin/kafka-acls --authorizer-properties zookeeper.connect=localhost:2181 --list
bin/kafka-topics --zookeeper localhost:2181 --create --topic test --partitions
1 --replication-factor 1
bin/kafka-topics --zookeeper localhost:2181 --delete --topic test
{code}
> Allow whitespaces in the principal name
> ---------------------------------------
>
> Key: KAFKA-5714
> URL: https://issues.apache.org/jira/browse/KAFKA-5714
> Project: Kafka
> Issue Type: Improvement
> Components: security
> Affects Versions: 0.10.2.1
> Reporter: Alla Tumarkin
> Assignee: Manikumar
>
> Request
> Improve parser behavior to allow whitespaces in the principal name in the
> config file, as in:
> {code}
> super.users=User:CN=Unknown, OU=Unknown, O=Unknown, L=Unknown, ST=Unknown,
> C=Unknown
> {code}
> Background
> Current implementation requires that there are no whitespaces after commas,
> i.e.
> {code}
> super.users=User:CN=Unknown,OU=Unknown,O=Unknown,L=Unknown,ST=Unknown,C=Unknown
> {code}
> Note: having a semicolon at the end doesn't help, i.e. this does not work
> either
> {code}
> super.users=User:CN=Unknown, OU=Unknown, O=Unknown, L=Unknown, ST=Unknown,
> C=Unknown;
> {code}
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
