Class StandardAclProvider

java.lang.Object
io.confluent.kafka.security.authorizer.acl.StandardAclProvider
All Implemented Interfaces:
ExtendedAccessRuleProvider, io.confluent.security.authorizer.provider.AccessRuleProvider, io.confluent.security.authorizer.provider.Provider, Closeable, AutoCloseable, org.apache.kafka.common.Configurable
public class StandardAclProvider extends Object implements ExtendedAccessRuleProvider
Provider implementation which derives access rules from StandardAuthorizer, which is the default authorizer for KRaft and stores rules in the __cluster_metadata topic.

  • Constructor Details

    • StandardAclProvider

      public StandardAclProvider()

  • Method Details

    • configure

      public void configure(Map<String,?> configs)
      Specified by:
      configure in interface org.apache.kafka.common.Configurable

    • start

      public CompletionStage<Void> start(org.apache.kafka.server.authorizer.internals.ConfluentAuthorizerServerInfo serverInfo)
      Specified by:
      start in interface io.confluent.security.authorizer.provider.Provider

    • providerName

      public String providerName()
      Specified by:
      providerName in interface io.confluent.security.authorizer.provider.Provider

    • mayDeny

      public boolean mayDeny()
      Specified by:
      mayDeny in interface io.confluent.security.authorizer.provider.AccessRuleProvider

    • usesMetadataFromThisKafkaCluster

      public boolean usesMetadataFromThisKafkaCluster()
      Specified by:
      usesMetadataFromThisKafkaCluster in interface io.confluent.security.authorizer.provider.Provider

    • isSuperUser

      public boolean isSuperUser(org.apache.kafka.common.security.auth.KafkaPrincipal principal, io.confluent.security.authorizer.Scope scope)
      Specified by:
      isSuperUser in interface io.confluent.security.authorizer.provider.AccessRuleProvider

    • findRule

      public io.confluent.security.authorizer.provider.AuthorizeRule findRule(Set<org.apache.kafka.common.security.auth.KafkaPrincipal> matchingPrincipals, String host, io.confluent.security.authorizer.Action action)
      Specified by:
      findRule in interface ExtendedAccessRuleProvider

    • addMatchingRules

      public void addMatchingRules(io.confluent.security.authorizer.provider.ResourceAuthorizeRules matchingRules, Set<org.apache.kafka.common.security.auth.KafkaPrincipal> matchingPrincipals, String host, io.confluent.security.roledefinitions.Operation operation, io.confluent.security.authorizer.Scope resourceScope, io.confluent.security.roledefinitions.ResourceType resourceType)
      Specified by:
      addMatchingRules in interface ExtendedAccessRuleProvider

    • close

      public void close() throws IOException
      Specified by:
      close in interface AutoCloseable
      Specified by:
      close in interface Closeable
      Throws:
      IOException

    • asAuthorizer

      public Optional<org.apache.kafka.server.authorizer.Authorizer> asAuthorizer()
      Specified by:
      asAuthorizer in interface io.confluent.security.authorizer.provider.AccessRuleProvider