XMLWordPrintableJSON

    Details

    • Type: Sub-task
    • Status: Resolved
    • Priority: Blocker
    • Resolution: Fixed
    • Affects Version/s: 0.8.2.1
    • Fix Version/s: 0.9.0.0
    • Component/s: security
    • Labels:
      None

      Description

      Implement SASL/Kerberos authentication.

      To do this we will need to introduce a new SASLRequest and SASLResponse pair to the client protocol. This request and response will each have only a single byte[] field and will be used to handle the SASL challenge/response cycle. Doing this will initialize the SaslServer instance and associate it with the session in a manner similar to KAFKA-1684.

      When using integrity or encryption mechanisms with SASL we will need to wrap and unwrap bytes as in KAFKA-1684 so the same interface that covers the SSLEngine will need to also cover the SaslServer instance.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                sriharsha Harsha
                Reporter:
                jkreps Jay Kreps
                Reviewer:
                Jun Rao
              • Votes:
                2 Vote for this issue
                Watchers:
                26 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: