Closed
Description
AKHQ should be able to derive the following properties based on the authenticated user LDAP groups:
- topics_filter_regex
- connects_filter_regex
- groups_filter_regex
To do so, during the AKHQ authentication phase, AKHQ should contact ns4kafka to recover the list of available resources for the authenticated user (through RoleBinding>Namespace>AccessControlEntry).
This would require a customization on AKHQ side, probably overriding this class https://github.com/tchiotludo/akhq/blob/dev/src/main/java/org/akhq/modules/LdapContextAuthenticationMapper.java
as well as the creation of a new endpoint on ns4kafka to provide the list of available topics, connects and groups based on the input LDAP Group list.
input (called by AKHQ during authentication step):
```
POST /api/v1/acls/available
{
  "groups": [
    "LDAP-GROUP1",
    "LDAP-GROUP2"
  ]
}
```
output:
```
{
  "topics": ["project1.*", "project2.*", "literal.topic"],
  "connects": ["project1.*"],
  "groups": ["project1.*", "connect-project1.*"]
}
```
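An added example (not code from AKHQ or ns4kafka): one way the proposed endpoint could turn ACL entries into filter regexes, quoting resource names so that a literal such as `literal.topic` or a prefix such as `project1.` cannot match more than intended. The `Acl` record, the enums, `toRegex` and `available` are hypothetical stand-ins, and the sample ACLs are constructed.

```java
import java.util.*;
import java.util.regex.Pattern;

public class AclFilterExample {
    // Hypothetical, simplified stand-ins for ACL data; not the ns4kafka classes. Needs Java 16+.
    enum ResourceType { TOPIC, CONNECT, GROUP }
    enum PatternType { LITERAL, PREFIXED }
    record Acl(String ldapGroup, ResourceType type, PatternType patternType, String resource) {}

    // Quote the resource name so regex metacharacters ('.') are matched literally,
    // and anchor both ends so the result is the same under find() or matches().
    static String toRegex(Acl acl) {
        String quoted = Pattern.quote(acl.resource());
        return acl.patternType() == PatternType.PREFIXED ? "^" + quoted + ".*$" : "^" + quoted + "$";
    }

    // Build the response body for the LDAP groups sent by the caller.
    // Groups with no ACL yield empty lists, which the caller has to treat as "no access".
    static Map<String, List<String>> available(List<Acl> acls, Set<String> ldapGroups) {
        Map<String, List<String>> out = new LinkedHashMap<>();
        for (String key : List.of("topics", "connects", "groups")) out.put(key, new ArrayList<>());
        for (Acl acl : acls) {
            if (!ldapGroups.contains(acl.ldapGroup())) continue;
            String key = switch (acl.type()) {
                case TOPIC -> "topics";
                case CONNECT -> "connects";
                case GROUP -> "groups";
            };
            out.get(key).add(toRegex(acl));
        }
        return out;
    }

    public static void main(String[] args) {
        List<Acl> acls = List.of( // constructed sample data
            new Acl("LDAP-GROUP1", ResourceType.TOPIC, PatternType.PREFIXED, "project1."),
            new Acl("LDAP-GROUP1", ResourceType.TOPIC, PatternType.LITERAL, "literal.topic"),
            new Acl("LDAP-GROUP1", ResourceType.CONNECT, PatternType.PREFIXED, "project1."),
            new Acl("LDAP-GROUP2", ResourceType.GROUP, PatternType.PREFIXED, "connect-project1."),
            new Acl("LDAP-OTHER", ResourceType.TOPIC, PatternType.PREFIXED, "project2."));
        Map<String, List<String>> res = available(acls, Set.of("LDAP-GROUP1", "LDAP-GROUP2"));
        System.out.println(res);
        String prefix = res.get("topics").get(0), literal = res.get("topics").get(1);
        for (String name : List.of("project1.orders", "project10.secret", "literalXtopic", "literal.topic")) {
            boolean allowed = Pattern.matches(prefix, name) || Pattern.matches(literal, name);
            System.out.println(name + " -> " + allowed);
        }
    }
}
```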
Activity
twobeeb commented on May 17, 2021
PR on AKHQ side done tchiotludo/akhq#678