jai1 opened a new pull request #1169: Proxy forward auth data URL: https://github.com/apache/incubator-pulsar/pull/1169 Review this PR after https://github.com/apache/incubator-pulsar/pull/1168 Have rebased this PR on top of https://github.com/apache/incubator-pulsar/pull/1168 ====== Currently the proxy extracts and forwards the client Principal to the broker. Client Principal is a modifiable string i.e can be changed or manufactured by the Proxy. What we want to do instead is to send the clientAuthData to the broker - which is in most cases digitally signed. The broker will extract the client principal from the clientAuthData and reauthenticate the client. In order to enforce this behavior we have introduced two new flags:- - authenticateOriginalAuthData on the broker - forwardClientAuthData on the Proxy ====== @msb-at-yahoo
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services