hortonworks / registry

Schema Registry
Apache License 2.0
15 stars 8 forks source link

Change the format of mTLS principal mapping rules to be consistent with kafka #791

Closed nattilabalint closed 1 year ago

nattilabalint commented 1 year ago

When setting multiple rules for schema.registry.ssl.principal.mapping.rules if multiple rules are added, they should be wrapped in double quotes like this:

"RULE:^CN=(.?),OU=ServiceUsers.$/$1/L","DEFAULT"
However, this is not mentioned in the documentation / property description and not consistent with how kafka handles the ssl.principal.mapping.rules, as they can be set without quotes:

RULE:^CN=(.?),OU=ServiceUsers.$/$1/L,DEFAULT
EXPECTED ACTION

Modify the rule mapping in a way that users can set multiple rules without using double quotes:

RULE:^CN=(.?),OU=ServiceUsers.$/$1/L,DEFAULT
The class responsible for reading and splitting the rules is

com.cloudera.dim.registry.ssl.MutualSslFilter.