
Conversation

@omarkj omarkj commented Jan 26, 2026

Add a new strictAuthMethod configuration option to enforce that clients must specify their authentication method. When enabled, authentication requests without an explicit method will immediately fail with "Authentication method missing" instead of attempting to authenticate with all configured providers.

This improves security by preventing unintended authentication fallback behaviour when operators want to require specific authentication methods for their deployment.

Main Issue: #25184

  • doc
  • doc-required
  • doc-not-needed
  • doc-complete

…tion method

Add a new strictAuthMethod configuration option to enforce that clients
must specify their authentication method. When enabled, authentication
requests without an explicit method will immediately fail with
"Authentication method missing" instead of attempting to authenticate
with all configured providers.

This improves security by preventing unintended authentication fallback
behavior when operators want to require specific authentication methods
for their deployment.
@github-actions

@omarkj Please add the following content to your PR description and select a checkbox:

- [ ] `doc` (Your PR contains doc changes)
- [ ] `doc-required` (Your PR changes impact docs and you will update later)
- [ ] `doc-not-needed` (Your PR changes do not impact docs)
- [ ] `doc-complete` (Docs have been already added)

@github-actions github-actions bot added doc-not-needed Your PR changes do not impact docs and removed doc-label-missing labels Jan 26, 2026
@nodece nodece (Member) left a comment


LGTM. We just need a PIP for this one before we merge, because this is an important change.

@lhotari lhotari (Member) commented Jan 27, 2026

Thanks for the contribution @omarkj. Yes, a PIP would be useful in documenting the change.

Some questions:

  1. Does this also require a similar change for
     • the Pulsar binary protocol?
     • the Pulsar Proxy?
  2. Since the client can specify the authentication method, how does this improve security?
     • Just wondering if it would be useful to limit authentication methods for a particular "advertised listener"?
       • Pulsar broker can bind to multiple addresses/ports, and limiting the authentication method for an external port binding could be a useful addition.

@omarkj omarkj (Author) commented Jan 27, 2026

I will get a PIP out if relevant.

@lhotari Regarding your questions:

> 1. Does this also require a similar change for
>    • the Pulsar binary protocol?

I believe the Pulsar Protocol authentication only tries the specified authentication provider, unlike the HTTP authentication, which iterates through all available providers if none is specified.

>    • the Pulsar Proxy?

This is a good point; if the proxy is authenticating HTTP requests, then yes, it might be useful there.

> 2. Since the client can specify the authentication method, how does this improve security?

This should make it harder to probe the system for possibly misconfigured authentication providers.
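To make the behaviour discussed in this thread concrete, here is an added Python model of the HTTP dispatch (it is example code written for this page, not the PR's patch or Pulsar's `AuthenticationService`). It implements the two paths described above: a request that names its method is checked against that provider only, while a method-less request is either swept across every configured provider (current behaviour) or rejected with "Authentication method missing" (the PR's `strictAuthMethod` behaviour). The header name `X-Pulsar-Auth-Method-Name` is the one Pulsar's HTTP authentication reads to select a provider; the `token` and `basic` providers, their credentials, the blank-password "misconfiguration" and every error string other than "Authentication method missing" are constructed for the example.

```python
"""Model of HTTP auth dispatch with and without strictAuthMethod (added example,
not Pulsar's code). Providers, credentials and the blank-password misconfiguration
are constructed; only "Authentication method missing" is the PR's wording."""
import base64
import hmac
from dataclasses import dataclass, field

AUTH_METHOD_HEADER = "X-Pulsar-Auth-Method-Name"  # header Pulsar reads to pick a provider


class AuthenticationException(Exception):
    pass


class TokenProvider:
    """Bearer-token provider over a token -> principal table (constructed)."""
    def __init__(self, tokens):
        self.tokens = tokens

    def authenticate(self, headers):
        auth = headers.get("Authorization", "")
        if not auth.startswith("Bearer "):
            raise AuthenticationException("no bearer token")
        presented = auth[len("Bearer "):].encode()
        for token, principal in self.tokens.items():
            if hmac.compare_digest(token.encode(), presented):
                return principal
        raise AuthenticationException("invalid token")


class BasicProvider:
    """HTTP Basic provider over a user -> password table (constructed)."""
    def __init__(self, users):
        self.users = users

    def authenticate(self, headers):
        auth = headers.get("Authorization", "")
        if not auth.startswith("Basic "):
            raise AuthenticationException("no basic credentials")
        try:
            user, _, password = base64.b64decode(auth[len("Basic "):]).decode().partition(":")
        except (ValueError, UnicodeDecodeError):
            raise AuthenticationException("malformed basic credentials")
        if user in self.users and hmac.compare_digest(self.users[user].encode(), password.encode()):
            return user
        raise AuthenticationException("bad username or password")


@dataclass
class HttpAuthService:
    providers: dict                  # method name -> provider, in configuration order
    strict_auth_method: bool = False
    last_attempts: list = field(default_factory=list)  # providers consulted by the last call

    def authenticate(self, headers):
        """Return the principal for an HTTP request's headers, or raise."""
        self.last_attempts = []
        method = headers.get(AUTH_METHOD_HEADER)
        if method is not None:
            # Explicit method: consult only that provider.
            provider = self.providers.get(method)
            if provider is None:
                raise AuthenticationException(f"Unsupported authentication method: {method}")
            self.last_attempts.append(method)
            return provider.authenticate(headers)
        if self.strict_auth_method:
            # strictAuthMethod=true: reject before any provider sees the credential.
            raise AuthenticationException("Authentication method missing")
        # Legacy fallback: sweep every configured provider; first success wins.
        for name, provider in self.providers.items():
            self.last_attempts.append(name)
            try:
                return provider.authenticate(headers)
            except AuthenticationException:
                continue
        raise AuthenticationException("Authentication required")


def demo():
    """Send one method-less probe to both modes and report what each mode did."""
    def providers():
        return {"token": TokenProvider({"s3cr3t-token": "alice"}),
                "basic": BasicProvider({"admin": ""})}   # constructed: blank admin password
    blank_admin = "Basic " + base64.b64encode(b"admin:").decode()
    out = {}
    lax = HttpAuthService(providers(), strict_auth_method=False)
    out["lax_principal"] = lax.authenticate({"Authorization": blank_admin})
    out["lax_tried"] = list(lax.last_attempts)
    strict = HttpAuthService(providers(), strict_auth_method=True)
    try:
        strict.authenticate({"Authorization": blank_admin})
        out["strict_error"] = None
    except AuthenticationException as exc:
        out["strict_error"] = str(exc)
    out["strict_tried"] = list(strict.last_attempts)
    out["strict_named_token"] = strict.authenticate(
        {AUTH_METHOD_HEADER: "token", "Authorization": "Bearer s3cr3t-token"})
    # The caveat raised in the thread: a client can still name the weak provider outright.
    out["strict_named_basic"] = strict.authenticate(
        {AUTH_METHOD_HEADER: "basic", "Authorization": blank_admin})
    out["strict_named_basic_tried"] = list(strict.last_attempts)
    return out


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Running `demo()` shows the difference the option makes: in the sweeping mode a single request with no method header is handed to both providers and is accepted by the misconfigured `basic` one, whereas in strict mode the same request is refused before any provider sees the credential. It also shows the limit that the second question above points at: a client that sets `X-Pulsar-Auth-Method-Name: basic` still reaches the weak provider, so the option removes the one-request blind sweep across providers (each probe now has to name its target) but does not substitute for fixing or removing the weak provider itself.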
