hachikuji commented on a change in pull request #9850:
URL: https://github.com/apache/kafka/pull/9850#discussion_r555221278



##########
File path: core/src/main/scala/kafka/server/KafkaApis.scala
##########
@@ -186,77 +160,70 @@ class KafkaApis(val requestChannel: RequestChannel,
       trace(s"Handling request:${request.requestDesc(true)} from connection 
${request.context.connectionId};" +
         
s"securityProtocol:${request.context.securityProtocol},principal:${request.context.principal}")
 
-      val handled = request.envelope.exists { envelope =>

Review comment:
       We do all the same validation in `handleEnvelope` now. Previously the 
parsing would get done in SocketServer, which means that when the embedded 
request is first handled at this layer, the envelope still needs authorization. 
Now we will not even create the embedded request object unless the envelope has 
been authorized.




----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


Reply via email to