ThibaudAV commented on code in PR #18576:
URL: https://github.com/apache/kafka/pull/18576#discussion_r2185778322
##########
clients/src/main/java/org/apache/kafka/common/security/oauthbearer/internals/secured/ConfigurationUtils.java:
##########
@@ -228,4 +233,21 @@ public <T> T get(String name) {
return (T) configs.get(name);
}
+ // make sure the url is in the
"org.apache.kafka.sasl.oauthbearer.allowed.urls" system property
+ public void throwIfURLIsNotAllowed(String urlConfig) {
+ String allowedLoginModuleProp =
System.getProperty(ALLOWED_SASL_OAUTHBEARER_URLS_CONFIG);
+ if (allowedLoginModuleProp == null) {
+ // by default, we accept all URLs
+ return;
Review Comment:
Hello @showuon @mimaison,
Quick question : Why not keep a similar behaviour in v4.x or have a solution
not to impose this behaviour (like wildcard, flag) ?
Because of the sudden change between 3.x and 4.0, and the impossibility of
authorizing all urls in 4.0 🤔
Thank you for your answer
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: jira-unsubscr...@kafka.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
