Re: Kafka Authorizer interface review

Hi Mickael, Thanks for detailed description on these authorization issues. I agree they need to be reviewed and fixed in the areas you specified, or even at a higher that simplifies their maintenance as the matrix is expanded or needs to be modified. FYI, KIP-231 also attempts at addressing the

Re: Kafka Authorizer interface review

bq. you too are concerned about the current delete record/topic limitation Yes. I think this is a security hole. On Tue, Apr 3, 2018 at 9:37 AM, Mickael Maison wrote: > Yes this is indeed a typo! > > And yes we're considering filing another KIP but I thought

Re: Kafka Authorizer interface review

Yes this is indeed a typo! And yes we're considering filing another KIP but I thought collecting all our feedback and providing a full summary might be beneficial for others. I see you too are concerned about the current delete record/topic limitation. On Tue, Apr 3, 2018 at 5:26 PM, Ted Yu

Re: Kafka Authorizer interface review

bq. There is now way to distinguish between topic and record deletion. I guess you meant 'no way' above. I think deleting a topic has higher impact than deleting records. Have you considered filing KIP to distinguish the two operations ? Cheers On Tue, Apr 3, 2018 at 9:22 AM, Mickael Maison