Re: [DISCUSSION] KIP-11: ACL Management

2015-04-18 Thread Don Bosco Durai
@kafka.apache.org Date: Friday, April 17, 2015 at 7:34 AM To: dev@kafka.apache.org Subject: Re: [DISCUSSION] KIP-11: ACL Management Gwen, There is one product called

Re: [DISCUSSION] KIP-11: ACL Management

2015-04-17 Thread Gwen Shapira
On Thu, Apr 16, 2015 at 6:13 PM, Jun Rao j...@confluent.io wrote: Hi, Gwen, What you suggested seems reasonable. I guess we will need the Principal, Privilege pair and the Resource in grant() and revoke()? I thought that Privilege is a Resource+Action, which is why grant and revoke can take

Re: [DISCUSSION] KIP-11: ACL Management

2015-04-17 Thread Gwen Shapira
@kafka.apache.org Date: Friday, April 17, 2015 at 7:34 AM To: dev@kafka.apache.org Subject: Re: [DISCUSSION] KIP-11: ACL Management Gwen, There is one product called ElasticSearch which has been quite successful

Re: [DISCUSSION] KIP-11: ACL Management

2015-04-17 Thread Parth Brahmbhatt
@kafka.apache.org dev@kafka.apache.org Date: Friday, April 17, 2015 at 7:34 AM To: dev@kafka.apache.org Subject: Re: [DISCUSSION] KIP-11: ACL Management Gwen

Re: [DISCUSSION] KIP-11: ACL Management

2015-04-17 Thread Parth Brahmbhatt
, April 17, 2015 at 7:34 AM To: dev@kafka.apache.org Subject: Re: [DISCUSSION] KIP-11: ACL Management Gwen, There is one product called ElasticSearch which has been quite successful. They recently added security

Re: [DISCUSSION] KIP-11: ACL Management

2015-04-17 Thread Gwen Shapira
To: dev@kafka.apache.org Subject: Re: [DISCUSSION] KIP-11: ACL Management Gwen, There is one product called ElasticSearch which has been quite successful. They recently added security, what they actually did

Re: [DISCUSSION] KIP-11: ACL Management

2015-04-17 Thread Jun Rao
@kafka.apache.org Subject: Re: [DISCUSSION] KIP-11: ACL Management Gwen, There is one product called ElasticSearch which has been quite successful. They recently added security, what they actually did is quite nice. They really separated Authentication

Re: [DISCUSSION] KIP-11: ACL Management

2015-04-17 Thread Parth Brahmbhatt
@kafka.apache.org Date: Friday, April 17, 2015 at 7:34 AM To: dev@kafka.apache.org Subject: Re: [DISCUSSION] KIP-11: ACL Management Gwen, There is one product called ElasticSearch which has been quite

Re: [DISCUSSION] KIP-11: ACL Management

2015-04-17 Thread Parth Brahmbhatt
I looked into the consumer offset storage and it seems like for acl storage we should not need something as complex. Consumer offset has different throughput requirements which is why I think it made sense to move away from zookeeper. Acls on the other hand seldom change and because of the caching

[DISCUSSION] KIP-11: ACL Management

2015-04-16 Thread Gwen Shapira
Hi Kafka Authorization Fans, I'm starting a new thread on a specific sub-topic of KIP-11, since this is a bit long :) Currently KIP-11, as I understand it, proposes: * Authorizers are pluggable, with Kafka providing DefaultAuthorizer. * Kafka tools allow adding / managing ACLs. * Those ACLs are

Re: [DISCUSSION] KIP-11: ACL Management

2015-04-16 Thread Jun Rao
Hi, Gwen, What you suggested seems reasonable. I guess we will need the Principal, Privilege pair and the Resource in grant() and revoke()? Is the Hive authorization api the following? It's weird that it takes user in checkPermissions(), but not in authorize().

Re: [DISCUSSION] KIP-11: ACL Management

2015-04-16 Thread Gari Singh
Hi Gwen - I tend to agree with your proposal. As you mention the exact details / interfaces would need to be worked out, but this would be more in line with how JAAS and JACC work in the Java / JEE worlds. I do think that it might be nice to include / provide some helper APIs / methods for