Details
-
Sub-task
-
Status: Resolved
-
Blocker
-
Resolution: Duplicate
-
None
-
None
-
None
Description
For the security infrastructure, we need an extendible interface to replace SocketChannel.
KAFKA-1684 suggests extending SocketChannel itself, but since SocketChannel is part of Java's standard library, the interface changes between different Java versions, so extending it directly can become a compatibility issue.
Instead, we can implement a KafkaChannel interface, which will implement connect(), read(), write() and possibly other methods we use.
We will replace direct use of SocketChannel in our code with use of KafkaChannel.
Different implementations of KafkaChannel will be instantiated based on the port/SecurityProtocol configuration.
This patch will provide at least the PLAINTEXT implementation for KafkaChannel.
I will validate that the SSL implementation in KAFKA-1684 can be refactored to use a KafkaChannel interface rather than extend SocketChannel directly. However, the patch will not include the SSL channel itself.
The interface should also include setters/getters for principal and remote IP, which will be used for the authentication code.