...
Current state: ["DISCUSSION"].
Discussion thread: here
JIRA: KAFKA-1696
Please keep the discussion on the mailing list rather than commenting on the wiki (wiki discussions get unwieldy fast).
...
class ExpireTokenRequest(hmac: byte[], expireAt: long = Systemtime.currentTimeMillis)
Protocol changes
DelegationTokenRequest
Code Block |
---|
DelegationTokenRequest => [Renewer] MaxLifeTime
Renewer => string
MaxLifeTime => INT64 |
Field | Description |
---|---|
Renewer | Renewer is an user who is allowed to renew this token before the max lifetime expires. If Renewer list is empty, then Renewer will default to the owner. |
MaxLifeTime | Max lifetime for token in milli seconds to future date. if value is -1, then MaxLifeTime will default to a server side config value |
...
RenewDelegationTokenRequest
Code Block |
---|
RenewDelegationTokenRequest => HMAC ExpiryTime
HMAC => bytes
ExpiryTime => INT64 |
Field | Description |
---|---|
HMAC | HMAC of the delegation token to be renewed |
ExpiryTime | Token Expiry time in milli seconds to future date. |
RenewDelegationTokenResponse
Code Block |
---|
RenewDelegationTokenResponse => ErrorCode
ErrorCode => INT32
|
Possible Error Codes
* AuthorizationException ()
* TokenExpiredException ()
* TokenRenewerMismatchException ()
* TokenNotFoundException ()
ExpireTokenRequest
Code Block |
---|
ExpireTokenRequest => HMAC HMAC => bytes |
ExpireTokenResponse
Code Block |
---|
ExpireTokenResponse => ErrorCode
ErroCode => INT32 |
Possible Error Codes
* AuthorizationException ()
Configuration options
The following options will be added to KafkaConfig.java
and can be configured as properties for Kafka server:
delegation.token.max.life.time : Default max life time for delegation tokens.
- delegation.token.expiry.time :
- delegation.token.secret
...