New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Authentication] Support chained authentication with same auth method name #9094
[Authentication] Support chained authentication with same auth method name #9094
Conversation
… name *Motivation* Chained authentication is a very useful mechanism for migrating a cluster from one authentication provider to the other authentication provider. However, Pulsar doesn't support configuring multiple authentication providers with same auth method name. For example, a Pulsar cluster was using standard JWT authentication initially. The users want to upgrade the Pulsar cluster to use an OAuth2 authentication mechanism. But both JWT and OAuth2 share the same authentication method name. This change improves the authentication logic to support chained authentication with same auth method name.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice feature
LGTM
/pulsarbot run-failure-checks |
1 similar comment
/pulsarbot run-failure-checks |
/pulsarbot run-failure-checks |
3 similar comments
/pulsarbot run-failure-checks |
/pulsarbot run-failure-checks |
/pulsarbot run-failure-checks |
…entication_providers
/pulsarbot run-failure-checks |
1 similar comment
/pulsarbot run-failure-checks |
@sijie There is a failed test, please take a look
|
…entication_providers
…oviders' into allow_multiple_authentication_providers
@codelipenghui I have just pushed a change to fix the test. |
/pulsarbot run-failure-checks |
…entication_providers
…entication_providers
…oviders' into allow_multiple_authentication_providers
… name (#9094) *Motivation* Chained authentication is a very useful mechanism for migrating a cluster from one authentication provider to the other authentication provider. However, Pulsar doesn't support configuring multiple authentication providers with same auth method name. For example, a Pulsar cluster was using standard JWT authentication initially. The users want to upgrade the Pulsar cluster to use an OAuth2 authentication mechanism. But both JWT and OAuth2 share the same authentication method name. This change improves the authentication logic to support chained authentication with same auth method name. (cherry picked from commit c2a4e66)
… name (#9094) *Motivation* Chained authentication is a very useful mechanism for migrating a cluster from one authentication provider to the other authentication provider. However, Pulsar doesn't support configuring multiple authentication providers with same auth method name. For example, a Pulsar cluster was using standard JWT authentication initially. The users want to upgrade the Pulsar cluster to use an OAuth2 authentication mechanism. But both JWT and OAuth2 share the same authentication method name. This change improves the authentication logic to support chained authentication with same auth method name. (cherry picked from commit c2a4e66)
Motivation
Chained authentication is a very useful mechanism for migrating a cluster from
one authentication provider to the other authentication provider. However,
Pulsar doesn't support configuring multiple authentication providers with same
auth method name.
For example, a Pulsar cluster was using standard JWT authentication initially.
The users want to upgrade the Pulsar cluster to use an OAuth2 authentication
mechanism. But both JWT and OAuth2 share the same authentication method name.
This change improves the authentication logic to support chained authentication
with same auth method name.