Authorizer

Authorizer is a Configurable and can take configuration parameters when instantiated (by reflection).

A concrete authorizer is used for authorization (in KafkaApis) per authorizer.class.name configuration property.

Note
SimpleAclAuthorizer is the only known Authorizer in Apache Kafka.
Table 1. Authorizer Contract
Method Description

addAcls

addAcls(
  acls: Set[Acl],
  resource: Resource): Unit

Adds ACLs for a resource

Used when:

authorize

authorize(
  session: Session,
  operation: Operation,
  resource: Resource): Boolean

Authorizes a principal to perform an operation on a resource

Used when KafkaApis is requested to authorize a principal for an operation on a resource

close

close(): Unit

Closes the authorizer

Used when:

  • KafkaApis is requested to shut down

  • AclCommand administration utility is requested to add, remove, and list ACLs

getAcls

getAcls(): Map[Resource, Set[Acl]]
getAcls(
  principal: KafkaPrincipal): Map[Resource, Set[Acl]]
getAcls(
  resource: Resource): Set[Acl]

Gets ACLs (all, for a principal or a resource)

Used when:

  • AclCommand administration utility is executed

  • KafkaApis is requested to handle DescribeAcls and DeleteAcls requests

removeAcls

removeAcls(
  resource: Resource): Boolean
removeAcls(
  acls: Set[Acl],
  resource: Resource): Boolean

Removes ACLs on a resource

Used when:

results matching ""

    No results matching ""