THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
Client flow:
- If
sasl.mechanism
is not GSSAPI, send a packet with the mechanism name to the server. Otherwise go to Step 3.- Packet Format: |
Version
(Int16
)KafkaRequestHeader
|Mechanism
(String
) |
- Packet Format: |
- Wait for response from the server. If the error code in the response is non-zero, indicating failure, report the error and fail authentication.
- Perform SASL authentication with the configured client mechanism
Server flow:
- Wait for first authentication packet from client
- If this packet is a not valid mechanism request, go to Step 4 and process this packet as the first GSSAPI client token
- If the client mechanism received in Step 2 is enabled in the broker, send a response with error code zero and start authentication using the specified mechanism. Otherwise, send an error response including the list of enabled mechanisms and fail authentication.
- Packet Format: | KafkaResponseHeader | ErrorCode (
Int16
) |EnabledMechanisms
(ArrayOf(String)
) |
- Packet Format: | KafkaResponseHeader | ErrorCode (
- Perform SASL authentication with the selected mechanism. If mechanism exchange was skipped, process the initial packet that was received from the client first.
...