Currently, quota is based on the client.id set in the client configuration, which can be changed easily. Ideally, quota should be set on the authenticated user name. We will need to have a KIP proposal/discussion on this first.
Details are in KIP-55: https://cwiki.apache.org/confluence/display/KAFKA/KIP-55%3A+Secure+Quotas+for+Authenticated+Users
- links to
- mentioned in