omkreddy commented on code in PR #12896:
URL: https://github.com/apache/kafka/pull/12896#discussion_r1036248697
##########
core/src/test/scala/integration/kafka/api/EndToEndAuthorizationTest.scala:
##########
@@ -36,15 +37,33 @@ import
org.apache.kafka.common.errors.{GroupAuthorizationException, TopicAuthori
import org.apache.kafka.common.resource._
import org.apache.kafka.common.resource.ResourceType._
import org.apache.kafka.common.resource.PatternType.{LITERAL, PREFIXED}
-import org.apache.kafka.common.security.auth.KafkaPrincipal
+import org.apache.kafka.common.security.auth._
+import
org.apache.kafka.common.security.authenticator.DefaultKafkaPrincipalBuilder
+import org.apache.kafka.common.config.internals.BrokerSecurityConfigs
import org.apache.kafka.server.metrics.KafkaYammerMetrics
import org.junit.jupiter.api.Assertions._
-import org.junit.jupiter.api.{AfterEach, BeforeEach, Test, TestInfo, Timeout}
+import org.junit.jupiter.api.{AfterEach, BeforeEach, TestInfo, Timeout}
import org.junit.jupiter.params.ParameterizedTest
import org.junit.jupiter.params.provider.ValueSource
import scala.jdk.CollectionConverters._
+/**
+ * All broker to controller communications is authenticated as PLAINTEXT in
these tests.
Review Comment:
For broker -> controller communication, we forward the authenticated
principal (`User:server`) on broker to controller nodes using forward request
mechanism.
we can include "User:ANONYMOUS" to `super.users` config to allow PLAINTEXT
communication between controller nodes communication.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: jira-unsubscr...@kafka.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
