[ https://issues.apache.org/jira/browse/KAFKA-3329?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Ray Chiang updated KAFKA-3329: ------------------------------ Component/s: tools > Validation script to test expected behavior of Authorizer implementations > ------------------------------------------------------------------------- > > Key: KAFKA-3329 > URL: https://issues.apache.org/jira/browse/KAFKA-3329 > Project: Kafka > Issue Type: Wish > Components: tools > Reporter: Grant Henke > Priority: Major > > The authorizer interface and documentation defines some of the expected > behavior of an Authorizer implementation. However, having real tests for a > user implementing their own authorizer would be useful. A script like: > {code} > kafka-validate-authorizer.sh --authorizer-class ... > {code} > could be used to validate: > * Expected operation inheritance > ** Example: READ or WRITE automatically grants DESCRIBE > * Expected exceptions or handling of edge cases > ** When I add the same ACL twice > ** When I remove an ACL that is not set > ** When both Deny and Allow are set? > ** When no Acl is attached to a resource? > * Expected support for concurrent requests against multiple instances > These same tests could be part of the Authorizer integration tests for > Kafka's SimpleAuthorizer implementation. > Users would not be required to follow all of the "default" expectations. But > they would at least know what assumptions their implementation breaks. -- This message was sent by Atlassian JIRA (v7.6.3#76005)