You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Apr 15, 2024. It is now read-only.
Even with TLS/mTLS authentication, any other service with rootCA is able to access Bookkeeper which is unacceptable as Bookkeeper is the source or truth.
This feature allows a predefined set of roles to be 'whitelisted' to be able
to access bookkeeper based on their client certificates.
It also introduces a structure for these roles to adhere to in order to scale.
Original Issue: apache#2354
This is the master ticket for tracking BP-41.
Even with TLS/mTLS authentication, any other service with rootCA is able to access Bookkeeper which is unacceptable as Bookkeeper is the source or truth.
This feature allows a predefined set of roles to be 'whitelisted' to be able
to access bookkeeper based on their client certificates.
It also introduces a structure for these roles to adhere to in order to scale.
Proposal PR - Link
The text was updated successfully, but these errors were encountered: