[
https://issues.apache.org/jira/browse/KAFKA-5750?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Guozhang Wang updated KAFKA-5750:
-
*Reminder to the contributor / reviewer of the PR*: please note that the code
deadline for 1.0.0 is less than 2 weeks away (Oct. 4th). Please re-evaluate
your JIRA and see if it still makes sense to be merged into 1.0.0 or it could
be pushed out to 1.1.0, or be closed directly if the JIRA itself is not valid
any more, or re-assign yourself as contributor / committer if you are no longer
working on the JIRA.
> Elevate log messages for denials to INFO in SimpleAclAuthorizer class
> -
>
> Key: KAFKA-5750
> URL: https://issues.apache.org/jira/browse/KAFKA-5750
> Project: Kafka
> Issue Type: Improvement
> Components: security
>Reporter: Phillip Walker
>Assignee: Manikumar
> Fix For: 1.0.0
>
>
> Currently, the authorizer logs all messages at DEBUG level and logs every
> single authorization attempt, which can greatly decrease cluster performance,
> especially when Mirrormaker also produces to that cluster. Many InfoSec
> requirements, though, require that authorization denials be logged. The
> proposed solution is to elevate any denial in SimpleAclAuthorizer and any
> other relevant class to WARN while leaving approvals at their currently
> logging levels.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
