SummCoder opened a new issue, #10498:
URL: https://github.com/apache/rocketmq/issues/10498

   ### Search before creation
   
   - [x] I had searched in the 
[issues](https://github.com/apache/rocketmq/issues) and found no similar issues.
   
   
   ### Documentation Related
   
   The ACL documentation (both English and Chinese) only mentions
   `aclEnable=true` as the required broker configuration. However, in
   RocketMQ 5.x, the following additional properties are required:
   
   - authenticationEnabled=true
   - authorizationEnabled=true
   - migrateAuthFromV1Enabled=true
   - 
authenticationMetadataProvider=org.apache.rocketmq.auth.authentication.provider.LocalAuthenticationMetadataProvider
   - 
authorizationMetadataProvider=org.apache.rocketmq.auth.authorization.provider.LocalAuthorizationMetadataProvider
   
   Evidence from source code:
   - AbstractAuthenticationStrategy.java:54 — returns immediately if
     authenticationEnabled is false
   - AbstractAuthorizationStrategy.java:54 — same for authorizationEnabled
   - AuthMigrator.java:72 — plain_acl.yml is not loaded without
     migrateAuthFromV1Enabled
   - AuthenticationFactory.java:80-81 — returns null if
     authenticationMetadataProvider is blank, causing
     "authenticationMetadataProvider is not configured" error
   
   Without these properties, ACL either silently allows all traffic or
   throws configuration errors.
   
   ### Are you willing to submit PR?
   
   - [x] Yes I am willing to submit a PR!


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to