pprovenzano commented on code in PR #14083: URL: https://github.com/apache/kafka/pull/14083#discussion_r1282479785
########## core/src/main/scala/kafka/server/ControllerApis.scala: ########## @@ -842,6 +847,75 @@ class ControllerApis(val requestChannel: RequestChannel, } } + def handleCreateDelegationTokenRequest(request: RequestChannel.Request): CompletableFuture[Unit] = { Review Comment: > Is it allowed for users to send direct requests like this to the controller (bypassing the broker)? RIght now no, but in the future maybe yes. One strong motivation of the KRaft design is that you can make the controllers more secure if there isn't direct communication to the controller form an external source. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: jira-unsubscr...@kafka.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org