[
https://issues.apache.org/jira/browse/KAFKA-3329?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15178443#comment-15178443
]
Ashish K Singh commented on KAFKA-3329:
---------------------------------------
Do you think adding ducktape tests will work? It will probably require ducktape
to allow adding resources, like JARs, config files, etc. [~granders] is it
possible to do that?
> Validation script to test expected behavior of Authorizer implementations
> -------------------------------------------------------------------------
>
> Key: KAFKA-3329
> URL: https://issues.apache.org/jira/browse/KAFKA-3329
> Project: Kafka
> Issue Type: Wish
> Reporter: Grant Henke
>
> The authorizer interface and documentation defines some of the expected
> behavior of an Authorizer implementation. However, having real tests for a
> user implementing their own authorizer would be useful. A script like:
> {code}
> kafka-validate-authorizer.sh --authorizer-class ...
> {code}
> could be used to validate:
> * Expected operation inheritance
> ** Example: READ or WRITE automatically grants DESCRIBE
> * Expected exceptions or handling of edge cases
> ** When I add the same ACL twice
> ** When I remove an ACL that is not set
> ** When both Deny and Allow are set?
> ** When no Acl is attached to a resource?
> * Expected support for concurrent requests against multiple instances
> These same tests could be part of the Authorizer integration tests for
> Kafka's SimpleAuthorizer implementation.
> Users would not be required to follow all of the "default" expectations. But
> they would at least know what assumptions their implementation breaks.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
