THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
Client flow:
- If
sasl.mechanismis not GSSAPI, send a packet with the mechanism name to the server. Otherwise go to Step 3.- Packet Format: |
Version(Int16) |Mechanism(String) |
- Packet Format: |
- Wait for response from the server. If the error code in the response is non-zero, indicating failure, report the error and fail authentication.
- Perform SASL authentication with the configured client mechanism
Server flow:
- Wait for first authentication packet from client
- If this packet is a not valid mechanism request, go to Step 4 and process this packet as the first GSSAPI client token
- If the client mechanism received in Step 2 is enabled in the broker, send a response with error code zero and start authentication using the specified mechanism. Otherwise, send an error response including the list of enabled mechanisms and fail authentication.
- Packet Format: |
Version(Int16) | ErrorCode (Int16)|EnabledMechanisms(ArrayOf(String)) |
- Packet Format: |
- Perform SASL authentication with the selected mechanism. If mechanism exchange was skipped, process the initial packet that was received from the client first.
...