THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
Currently the Kafka java client does not support different login contexts from within the same JVM.
IBM MessageHub has encountered many users asking for this functionality, e.g. having multiple consumers and producers in a single JVM that consumer/produce to different Kafka clusters, each requiring specific credentials.
Public Interfaces
For SASL PLAIN:
...
This KIP becomes trivial after KIP-85: Dynamic JAAS configuration for Kafka clients
org.apache.kafka.common.security.plain.MultiUserPlainLoginModuleand a new public interface such as
public interface CredentialProvider { public String getUserName(String clientId); public char[] getPassword(String clientId);}A CredentialProvider uses the client.id property from the consumer.properties/producer.properties file, and provides username and password corresponding to that clientid .
The user should provide an implementation of CredentialProvider but a sample implementation that reads values from jaas.conf will be supplied.
Example of jaas.conf :
KafkaClient { org.apache.kafka.common.security.plain.MultiUserPlainLoginModule serviceName="kafka" credentialProvider="org.apache.kafka.common.security.plain.DefaultCredentialProvider";};...
TBD
Proposed Changes
LoginManager should no longer be a singleton.
On the client side, LoginManager caching will be keyed on the jaas configuration object.
Compatibility, Deprecation, and Migration Plan
...