THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
Current state: ["DISCUSSION"].
Discussion thread: here
JIRA: KAFKA-1696
Please keep the discussion on the mailing list rather than commenting on the wiki (wiki discussions get unwieldy fast).
...
class ExpireTokenRequest(hmac: byte[], expireAt: long = Systemtime.currentTimeMillis)
Protocol changes
DelegationTokenRequest
| Code Block |
|---|
DelegationTokenRequest => [Renewer] MaxLifeTime
Renewer => string
MaxLifeTime => INT64 |
Field | Description |
|---|---|
Renewer | Renewer is an user who is allowed to renew this token before the max lifetime expires. If Renewer list is empty, then Renewer will default to the owner. |
MaxLifeTime | Max lifetime for token in milli seconds to future date. if value is -1, then MaxLifeTime will default to a server side config value |
...
RenewDelegationTokenRequest
| Code Block |
|---|
RenewDelegationTokenRequest => HMAC ExpiryTime
HMAC => bytes
ExpiryTime => INT64 |
Field | Description |
|---|---|
HMAC | HMAC of the delegation token to be renewed |
ExpiryTime | Token Expiry time in milli seconds to future date. |
RenewDelegationTokenResponse
| Code Block |
|---|
RenewDelegationTokenResponse => ErrorCode
ErrorCode => INT32
|
Possible Error Codes
* AuthorizationException ()* TokenExpiredException ()
* TokenRenewerMismatchException ()
* TokenNotFoundException ()
ExpireTokenRequest
| Code Block |
|---|
ExpireTokenRequest => HMAC HMAC => bytes |
ExpireTokenResponse
| Code Block |
|---|
ExpireTokenResponse => ErrorCode
ErroCode => INT32 |
Possible Error Codes
* AuthorizationException ()Configuration options
The following options will be added to KafkaConfig.java and can be configured as properties for Kafka server:
delegation.token.max.life.time : Default max life time for delegation tokens.- delegation.token.expiry.time :
- delegation.token.secret
...