Versions Compared

Old Version 21

changes.mady.by.user Manikumar Reddy O.

Saved on

compared with

New Version 22

changes.mady.by.user Viktor Somogyi

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Discussion thread: here 

JIRA: here 

Jira
serverASF JIRA
serverId5aa69414-a9e9-3523-82ec-879b028fb15b
keyKAFKA-6945

Please keep the discussion on the mailing list rather than commenting on the wiki (wiki discussions get unwieldy fast).

...

Operation

Resource

API
CreateTokensClustercreateTokens for other users // New
DescribeTokensClusterdescribeTokens for others tokens // New

DescribeToken

DelegationToken

describeTokens for a given tokenId //Existing

...

Code Block
linenumberstrue
>> bin/kafka-delegation-token.sh --bootstrap-server broker1:9092 --create -owner-principal User:owner1 --renewer-principal User:renewer1 --max-life-time 1486750745585

Proposed Changes

Create/Renew Tokens:

Token request requester users with 'CreateTokens' permission on 'Cluster' Resource can create token or renew tokens for other users.  The token requester must be authenticated using any of the available secure channels (Kerberos, SCRAM, SSL) to createor renew tokens for  for other users. The token requester can not use delegation token based authentication for creating or renewing tokens.

Describe Tokens:

Users with 'DescribeTokens' permission on Cluster resource can describe others tokens.  

Token Details in Zookeeper

Token details properties storage format version will be updated to 2.

...