public interface Authorizer
extends org.apache.kafka.common.Configurable, java.io.Closeable
| Modifier and Type | Method and Description |
|---|---|
default java.util.List<AuthorizeResult> |
authorize(org.apache.kafka.common.security.auth.KafkaPrincipal sessionPrincipal,
java.lang.String host,
java.util.List<Action> actions)
Performs authorization for each of the provided `actions` and returns the result of each
authorization.
|
java.util.List<AuthorizeResult> |
authorize(RequestContext requestContext,
java.util.List<Action> actions)
Performs authorization for each of the provided `actions` and returns the result of each
authorization.
|
default java.util.List<AuthorizeResult> authorize(org.apache.kafka.common.security.auth.KafkaPrincipal sessionPrincipal, java.lang.String host, java.util.List<Action> actions)
sessionPrincipal - Authenticated principal of the client being authorized.
For embedded authorizer used in brokers, this must be the session principal
created by KafkaPrincipalBuilder.
For remote authorization, e.g using Metadata Service, this is a KafkaPrincipal
instance that represents the principal of the remote client being authorized.host - The host IP of the client performing the actions being authorized.
This may be null if host-based access control is not enabled.actions - List of actions being authorized including the resource and operation
for each action.java.util.List<AuthorizeResult> authorize(RequestContext requestContext, java.util.List<Action> actions)
requestContext - Request context including principal and additional context for auditingactions - List of actions being authorized including the resource and operation
for each action.