Uploaded image for project: 'Kafka'
  1. Kafka
  2. KAFKA-1682 Security for Kafka
  3. KAFKA-1683

Implement a "session" concept in the socket server

    XMLWordPrintableJSON

Details

    • Sub-task
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • 0.8.2.1
    • 0.9.0.0
    • security
    • None

    Description

      To implement authentication we need a way to keep track of some things between requests. The initial use for this would be remembering the authenticated user/principle info, but likely more uses would come up (for example we will also need to remember whether and which encryption or integrity measures are in place on the socket so we can wrap and unwrap writes and reads).

      I was thinking we could just add a Session object that might have a user field. The session object would need to get added to RequestChannel.Request so it is passed down to the API layer with each request.

      Attachments

        1. KAFKA-1683.patch
          7 kB
          Gwen Shapira
        2. KAFKA-1683.patch
          9 kB
          Gwen Shapira

        Issue Links

          is depended upon by

          Sub-task - The sub-task of the issue KAFKA-2210 KafkaAuthorizer: Add all public entities, config changes and changes to KafkaAPI and kafkaServer to allow pluggable authorizer implementation.

          • Blocker - Blocks development and/or testing work, production could not run
          • Resolved

          Activity

            People

              gwenshap Gwen Shapira
              jkreps Jay Kreps
              Votes:
              0 Vote for this issue
              Watchers:
              14 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: