kafka-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jun...@apache.org
Subject kafka git commit: trivial fix to 0.9.0 docs
Date Wed, 18 Nov 2015 03:06:09 GMT
Repository: kafka
Updated Branches:
  refs/heads/trunk dbdec927b -> 17c6f3312


trivial fix to 0.9.0 docs


Project: http://git-wip-us.apache.org/repos/asf/kafka/repo
Commit: http://git-wip-us.apache.org/repos/asf/kafka/commit/17c6f331
Tree: http://git-wip-us.apache.org/repos/asf/kafka/tree/17c6f331
Diff: http://git-wip-us.apache.org/repos/asf/kafka/diff/17c6f331

Branch: refs/heads/trunk
Commit: 17c6f33126823c4f54ea22ed2284267271b58e21
Parents: dbdec92
Author: Jun Rao <junrao@gmail.com>
Authored: Tue Nov 17 19:00:30 2015 -0800
Committer: Jun Rao <junrao@gmail.com>
Committed: Tue Nov 17 19:05:53 2015 -0800

----------------------------------------------------------------------
 core/src/main/scala/kafka/admin/AclCommand.scala |  2 +-
 docs/security.html                               | 14 +++++++-------
 2 files changed, 8 insertions(+), 8 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/kafka/blob/17c6f331/core/src/main/scala/kafka/admin/AclCommand.scala
----------------------------------------------------------------------
diff --git a/core/src/main/scala/kafka/admin/AclCommand.scala b/core/src/main/scala/kafka/admin/AclCommand.scala
index 1eb9a40..6ec0cf8 100644
--- a/core/src/main/scala/kafka/admin/AclCommand.scala
+++ b/core/src/main/scala/kafka/admin/AclCommand.scala
@@ -76,7 +76,7 @@ object AclCommand {
     val resourceToAcl = getResourceToAcls(opts)
 
     if (resourceToAcl.values.exists(_.isEmpty))
-      CommandLineUtils.printUsageAndDie(opts.parser, "You must specify one of: --allow-principals,
--deny-principals when trying to add acls.")
+      CommandLineUtils.printUsageAndDie(opts.parser, "You must specify one of: --allow-principal,
--deny-principal when trying to add acls.")
 
     for ((resource, acls) <- resourceToAcl) {
       val acls = resourceToAcl(resource)

http://git-wip-us.apache.org/repos/asf/kafka/blob/17c6f331/docs/security.html
----------------------------------------------------------------------
diff --git a/docs/security.html b/docs/security.html
index da9c3c6..eb5dadb 100644
--- a/docs/security.html
+++ b/docs/security.html
@@ -1,4 +1,4 @@
-
+<!--
  Licensed to the Apache Software Foundation (ASF) under one or more
  contributor license agreements.  See the NOTICE file distributed with
  this work for additional information regarding copyright ownership.
@@ -266,7 +266,7 @@ Kafka ships with a pluggable Authorizer and an out-of-box authorizer implementat
 One can also add super users in broker.properties like the following.
 <pre>super.users=User:Bob;User:Alice</pre>
 By default, the SSL user name will be of the form "CN=writeuser,OU=Unknown,O=Unknown,L=Unknown,ST=Unknown,C=Unknown".
One can change that by setting a customized PrincipalBuilder in broker.properties like the
following.
-<pre>principal.builder.classs=CustomizedPrincipalBuilderClass</pre>
+<pre>principal.builder.class=CustomizedPrincipalBuilderClass</pre>
 By default, the SASL user name will be the primary part of the Kerberos principal. One can
change that by setting <code>sasl.kerberos.principal.to.local.rules</code> to
a customized rule in broker.properties.
 <h4><a id="security_authz_cli" href="#security_authz_cli">Command Line Interface</a></h4>
 Kafka Authorization management CLI can be found under bin directory with all the other CLIs.
The CLI script is called <b>kafka-acls.sh</b>. Following lists all the options
that the script supports:
@@ -340,14 +340,14 @@ Kafka Authorization management CLI can be found under bin directory
with all the
     </tr>
     <tr>
         <td>--allow-host</td>
-        <td>Host from which principals listed in --allow-principals will have access.</td>
-        <td> if --allow-principals is specified defaults to * which translates to "all
hosts"</td>
+        <td>Host from which principals listed in --allow-principal will have access.</td>
+        <td> if --allow-principal is specified defaults to * which translates to "all
hosts"</td>
         <td>Host</td>
     </tr>
     <tr>
         <td>--deny-host</td>
-        <td>Host from which principals listed in --deny-principals will be denied access.</td>
-        <td>if --deny-principals is specified defaults to * which translates to "all
hosts"</td>
+        <td>Host from which principals listed in --deny-principal will be denied access.</td>
+        <td>if --deny-principal is specified defaults to * which translates to "all
hosts"</td>
         <td>Host</td>
     </tr>
     <tr>
@@ -378,7 +378,7 @@ Kafka Authorization management CLI can be found under bin directory with
all the
 Suppose you want to add an acl "Principals User:Bob and User:Alice are allowed to perform
Operation Read and Write on Topic Test-Topic from Host1 and Host2". You can do that by executing
the CLI with following options:
         <pre>bin/kafka-acls.sh --authorizer kafka.security.auth.SimpleAclAuthorizer
--authorizer-properties zookeeper.connect=localhost:2181 --add --allow-principal User:Bob
--allow-principal User:Alice --allow-host Host1 --allow-host Host2 --operation Read --operation
Write --topic Test-topic</pre>
         By default all principals that don't have an explicit acl that allows access for
an operation to a resource are denied. In rare cases where an allow acl is defined that allows
access to all but some principal we will have to use the --deny-principal and --deny-host
option. For example, if we want to allow all users to Read from Test-topic but only deny User:BadBob
from host bad-host we can do so using following commands:
-        <pre>bin/kafka-acls.sh --authorizer kafka.security.auth.SimpleAclAuthorizer
--authorizer-properties zookeeper.connect=localhost:2181 --add --allow-principal User:* --allow-hosts
* --deny-principal User:BadBob --deny-host bad-host --operation Read--topic Test-topic</pre>
+        <pre>bin/kafka-acls.sh --authorizer kafka.security.auth.SimpleAclAuthorizer
--authorizer-properties zookeeper.connect=localhost:2181 --add --allow-principal User:* --allow-host
* --deny-principal User:BadBob --deny-host bad-host --operation Read --topic Test-topic</pre>
         Above examples add acls to a topic by specifying --topic [topic-name] as the resource
option. Similarly user can add acls to cluster by specifying --cluster and to a consumer group
by specifying --consumer-group [group-name].</li>
 
     <li><b>Removing Acls</b><br>


Mime
View raw message