Jason Gustafson created KAFKA-2579:
--------------------------------------
Summary: Unauthorized clients should not be able to join groups
Key: KAFKA-2579
URL: https://issues.apache.org/jira/browse/KAFKA-2579
Project: Kafka
Issue Type: Sub-task
Affects Versions: 0.9.0.0
Reporter: Jason Gustafson

The JoinGroup authorization is only checked in the response callback which is
invoked after the request has been forwarded to the ConsumerCoordinator and the
client has joined the group. This allows unauthorized members to impact the
rest of the group since the coordinator will assign partitions to them. It
would be better to check permission and return immediately if the client is
unauthorized.
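
The ordering problem described in the issue, as an added example that is not Kafka's code or part of the original report: a toy coordinator shows that a check made only in the response callback still lets the join take effect, while a check made before forwarding does not. All names (`Coordinator`, `handle_join_late_check`, `handle_join_early_check`, the `UNAUTHORIZED` label, the clients and the ACL) are hypothetical.

```python
# Simplified model of the check-ordering flaw; not Kafka's implementation.
UNAUTHORIZED = "UNAUTHORIZED"  # placeholder error label, not a Kafka error code


class Coordinator:
    """Toy group coordinator: tracks members and splits partitions among them."""

    def __init__(self, partitions):
        self.partitions = list(partitions)
        self.members = []

    def join(self, client, callback):
        # The side effect happens here: the member is added and the group
        # is rebalanced before the response callback ever runs.
        self.members.append(client)
        return callback(client, self.assignment())

    def assignment(self):
        # Round-robin the partitions over the current members.
        out = {m: [] for m in self.members}
        for i, p in enumerate(self.partitions):
            out[self.members[i % len(self.members)]].append(p)
        return out


def handle_join_late_check(coord, acl, client):
    """Authorization only in the response callback: the join already happened."""
    def respond(c, assignment):
        if c not in acl:
            return {"error": UNAUTHORIZED}
        return {"error": None, "assignment": assignment[c]}
    return coord.join(client, respond)


def handle_join_early_check(coord, acl, client):
    """Authorization before forwarding: the coordinator never sees the client."""
    if client not in acl:
        return {"error": UNAUTHORIZED}
    return coord.join(client, lambda c, a: {"error": None, "assignment": a[c]})


def run(handler):
    """Constructed scenario: 'alice' is in the ACL, 'mallory' is not."""
    coord = Coordinator(partitions=[0, 1, 2, 3])
    acl = {"alice"}
    handler(coord, acl, "alice")
    reply = handler(coord, acl, "mallory")
    return reply["error"], coord.assignment()
```

Both handlers return the same error to the unauthorized client, so the difference is visible only in the coordinator's state: with the late check, partitions remain assigned to a member that was refused.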