kafka-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jun...@apache.org
Subject [kafka] branch trunk updated: KAFKA-3097: Update docs to mention PrincipalType "User" is case sensitive (#5734)
Date Tue, 09 Oct 2018 18:53:07 GMT
This is an automated email from the ASF dual-hosted git repository.

junrao pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/kafka.git


The following commit(s) were added to refs/heads/trunk by this push:
     new 15dbab0  KAFKA-3097: Update docs to mention PrincipalType "User" is case sensitive
(#5734)
15dbab0 is described below

commit 15dbab0e35063714b7bbea58176d1627878c15c3
Author: Manikumar Reddy O <manikumar.reddy@gmail.com>
AuthorDate: Wed Oct 10 00:22:57 2018 +0530

    KAFKA-3097: Update docs to mention PrincipalType "User" is case sensitive (#5734)
    
    Reviewers: Jun Rao <junrao@gmail.com>
---
 docs/security.html | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/docs/security.html b/docs/security.html
index 72ba239..b018334 100644
--- a/docs/security.html
+++ b/docs/security.html
@@ -1018,7 +1018,7 @@
     <pre>authorizer.class.name=kafka.security.auth.SimpleAclAuthorizer</pre>
     Kafka acls are defined in the general format of "Principal P is [Allowed/Denied] Operation
O From Host H on any Resource R matching ResourcePattern RP". You can read more about the
acl structure in KIP-11 and resource patterns in KIP-290. In order to add, remove or list
acls you can use the Kafka authorizer CLI. By default, if no ResourcePatterns match a specific
Resource R, then R has no associated acls, and therefore no one other than super users is
allowed to access R. If you want [...]
     <pre>allow.everyone.if.no.acl.found=true</pre>
-    One can also add super users in server.properties like the following (note that the delimiter
is semicolon since SSL user names may contain comma).
+    One can also add super users in server.properties like the following (note that the delimiter
is semicolon since SSL user names may contain comma). Default PrincipalType string "User"
is case sensitive.
     <pre>super.users=User:Bob;User:Alice</pre>
     By default, the SSL user name will be of the form "CN=writeuser,OU=Unknown,O=Unknown,L=Unknown,ST=Unknown,C=Unknown".
One can change that by setting a customized PrincipalBuilder in server.properties like the
following.
     <pre>principal.builder.class=CustomizedPrincipalBuilderClass</pre>
@@ -1119,19 +1119,19 @@
         </tr>
         <tr>
             <td>--allow-principal</td>
-            <td>Principal is in PrincipalType:name format that will be added to ACL
with Allow permission. <br>You can specify multiple --allow-principal in a single command.</td>
+            <td>Principal is in PrincipalType:name format that will be added to ACL
with Allow permission. Default PrincipalType string "User" is case sensitive. <br>You
can specify multiple --allow-principal in a single command.</td>
             <td></td>
             <td>Principal</td>
         </tr>
         <tr>
             <td>--deny-principal</td>
-            <td>Principal is in PrincipalType:name format that will be added to ACL
with Deny permission. <br>You can specify multiple --deny-principal in a single command.</td>
+            <td>Principal is in PrincipalType:name format that will be added to ACL
with Deny permission. Default PrincipalType string "User" is case sensitive. <br>You
can specify multiple --deny-principal in a single command.</td>
             <td></td>
             <td>Principal</td>
         </tr>
         <tr>
             <td>--principal</td>
-            <td>Principal is in PrincipalType:name format that will be used along with
--list option. This will list the ACLs for the specified principal. <br>You can specify
multiple --principal in a single command.</td>
+            <td>Principal is in PrincipalType:name format that will be used along with
--list option. Default PrincipalType string "User" is case sensitive. This will list the ACLs
for the specified principal. <br>You can specify multiple --principal in a single command.</td>
             <td></td>
             <td>Principal</td>
         </tr>


Mime
View raw message