Uploaded image for project: 'Kafka'
  1. Kafka
  2. KAFKA-3166

Disable SSL client authentication for SASL_SSL security protocol

    XMLWordPrintableJSON

    Details

    • Type: Improvement
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 0.9.0.0
    • Fix Version/s: 0.9.0.1
    • Component/s: security
    • Labels:
      None

      Description

      A useful scenario is for a broker to require clients to authenticate either via SSL or via SASL (with SASL_SSL security protocol). With the current code, this is not possible to achieve. If we set `ssl.client.auth` to `required`, then it will be required for both SSL and SASL.

      I suggest we hardcode `ssl.client.auth` to `none` for the `SASL_SSL` case.

        Attachments

          Activity

            People

            • Assignee:
              ijuma Ismael Juma
              Reporter:
              ijuma Ismael Juma
              Reviewer:
              sriharsha chintalapani
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: