...

To take advantage of these custom algorithms, we want to support a Java security provider parameter in the security config. For instance, in streaming applications like Flink, Spark or Storm, one can configure 'spiffe.provider.SpiffeProvider', which helps in fetching the keys and certificates via a gRPC endpoint. This param can be used by Kafka brokers or Kafka clients (when connecting to the Kafka brokers). The security providers can also be used for configuring security algorithms in SASL-based communication.

...

security.provider.class.names=com.security.ProviderClass,com.security.ProviderClass2

Proposed Changes

We add a new config parameter in KafkaConfig named “security.provider.class.names”. The value of “security.provider.class.names” is expected to be a string representing the provider’s full classname. This provider class will be added to the JVM through the Security.addProvider API. The Security class can be used to programmatically add provider classes to the JVM.
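A sketch of how such a config value could be turned into installed providers, added here as an example and not taken from the Kafka code base. The class SecurityProviderLoader, its install method and DemoProvider are hypothetical names; the comma-separated format follows the sample config line above.

```java
import java.security.Provider;
import java.security.Security;
import java.util.ArrayList;
import java.util.List;

public class SecurityProviderLoader {

    // Constructed sample provider standing in for a real one such as
    // 'spiffe.provider.SpiffeProvider'; it registers no algorithms.
    public static final class DemoProvider extends Provider {
        public DemoProvider() {
            // The (String, String, String) constructor requires Java 9 or later.
            super("DemoProvider", "1.0", "constructed provider for this example");
        }
    }

    /** Parses the comma-separated config value and installs each provider class. */
    public static List<String> install(String classNames) throws ReflectiveOperationException {
        List<String> installed = new ArrayList<>();
        for (String raw : classNames.split(",")) {
            String name = raw.trim();
            if (name.isEmpty()) continue;
            // Load without initializing, so static initializers of a class that
            // is not a Provider never run.
            Class<?> cls = Class.forName(name, false, SecurityProviderLoader.class.getClassLoader());
            if (!Provider.class.isAssignableFrom(cls)) {
                throw new IllegalArgumentException(name + " is not a java.security.Provider");
            }
            Provider p = cls.asSubclass(Provider.class).getDeclaredConstructor().newInstance();
            // addProvider appends at the lowest preference position and returns -1
            // when a provider with the same name is already installed.
            if (Security.addProvider(p) != -1) installed.add(p.getName());
        }
        return installed;
    }

    public static void main(String[] args) throws Exception {
        // Constructed config value; the duplicate entry exercises the -1 path.
        String config = "SecurityProviderLoader$DemoProvider, SecurityProviderLoader$DemoProvider";
        System.out.println("installed: " + install(config));
        System.out.println("lookup: " + Security.getProvider("DemoProvider"));
    }
}
```

Because the value names classes that are instantiated inside the broker or client JVM, the config source and the classpath both need to be trusted; the type check only rejects classes that are not providers.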

...

There already exists a property “ssl.provider”; however, there is a problem with using this parameter. The expected value of this property is the name of the algorithm, and the provider class registering the algorithm needs to be added as part of the static java.security file or system-level variables, as per the SslContext implementation. Therefore, this param can’t be used for registering a security provider.

...