[jira] [Resolved] (KAFKA-2579) Unauthorized clients should not be able to join groups

Gwen Shapira (JIRA) Thu, 24 Sep 2015 19:27:47 -0700

     [ 
https://issues.apache.org/jira/browse/KAFKA-2579?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Gwen Shapira resolved KAFKA-2579.
---------------------------------
       Resolution: Fixed
    Fix Version/s: 0.9.0.0

Issue resolved by pull request 240
[https://github.com/apache/kafka/pull/240]

> Unauthorized clients should not be able to join groups 
> -------------------------------------------------------
>
>                 Key: KAFKA-2579
>                 URL: https://issues.apache.org/jira/browse/KAFKA-2579
>             Project: Kafka
>          Issue Type: Sub-task
>          Components: security
>    Affects Versions: 0.9.0.0
>            Reporter: Jason Gustafson
>            Assignee: Jason Gustafson
>             Fix For: 0.9.0.0
>
>
> The JoinGroup authorization is only checked in the response callback which is 
> invoked after the request has been forwarded to the ConsumerCoordinator and 
> the client has joined the group. This allows unauthorized members to impact 
> the rest of the group since the coordinator will assign partitions to them. 
> It would be better to check permission and return immediately if the client 
> is unauthorized.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Resolved] (KAFKA-2579) Unauthorized clients should not be able to join groups

Reply via email to