XMLWordPrintableJSON

Details

    • Sub-task
    • Status: Resolved
    • Blocker
    • Resolution: Fixed
    • 0.8.2.1
    • 0.9.0.0
    • security
    • None

    Description

      Implement SASL/Kerberos authentication.

      To do this we will need to introduce a new SASLRequest and SASLResponse pair to the client protocol. This request and response will each have only a single byte[] field and will be used to handle the SASL challenge/response cycle. Doing this will initialize the SaslServer instance and associate it with the session in a manner similar to KAFKA-1684.

      When using integrity or encryption mechanisms with SASL we will need to wrap and unwrap bytes as in KAFKA-1684 so the same interface that covers the SSLEngine will need to also cover the SaslServer instance.

      Attachments

        Issue Links

          Activity

            People

              sriharsha Harsha
              jkreps Jay Kreps
              Jun Rao Jun Rao
              Votes:
              2 Vote for this issue
              Watchers:
              24 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: