...
Code Block |
---|
DelegationTokenRequest => [Renewer] MaxDateMaxDateMs Renewer => string MaxDateMaxDateMs => INT64 |
Field | Description |
---|---|
Renewer | Renewer is an Kafka Principal, which is allowed to renew this token before the max lifetime expires. If Renewer list is empty, then Renewer will default to the owner (Principal which requested this token). |
MaxDateMaxDateMs | Max lifetime for token in milli seconds. if value is -1, then MaxLifeTime will default to a server side config value. |
...
Code Block |
---|
DelegationTokenResponse => ErrorCode TokenDetails ErrorCode => INT16 TokenDetails => Owner IssueDateIssueDateMs ExpiryDateExpiryDateMs TokenId HMAC [Renewer] Owner => String IssueDateIssueDateMs => INT64 ExpiryDateExpiryDateMs => INT64 TokenId => String HMAC => bytes Renewer => String |
Field | Description |
---|---|
Owner | Kakfa Principal which requested the delegation token |
IssueDateIssueDateMs | timestamp (in msec) when this token was generated. Unit is milliseconds since beginning of the epoch (midnight Jan 1, 1970 (UTC)). |
ExpiryDateExpiryDateMs | timestamp (in msec) at which this token expires. Unit is milliseconds since beginning of the epoch (midnight Jan 1, 1970 (UTC)). |
TokenId | Sequence number/UUID to ensure uniqueness |
HMAC | Keyed-hash message authentication code |
Renewer | Renewers list |
Possible Error Codes
* AuthorizationExceptionDelegationTokenDisabledException
RenewDelegationTokenRequest
Code Block |
---|
RenewDelegationTokenRequest => HMAC RenewPeriodMs HMAC => bytes RenewPeriodMs => INT64 |
Field | Description |
---|---|
HMAC | HMAC of the delegation token to be renewed |
RenewPeriodMs | Renew Time period in milli seconds |
RenewDelegationTokenResponse
Code Block |
---|
RenewDelegationTokenResponse => ErrorCode TokenDetails ErrorCode => INT32 TokenDetails => Owner IssueDateIssueDateMs ExpiryDateExpiryDateMs TokenId HMAC [Renewer] Owner => String IssueDateIssueDateMs => INT64 ExpiryDateExpiryDateMs => INT64 TokenId => String HMAC => bytes Renewer => String |
Possible Error Codes
* AuthorizationExceptionDelegationTokenDisabledException
* TokenRenewerMismatchException
...
Code Block |
---|
ExpireTokenRequest => HMAC expiryDateexpiryDateMs HMAC => bytes expiryDateexpiryDateMs => INT64 |
Field | Description |
---|---|
HMAC | HMAC of the delegation token to be renewed |
expiryDateexpiryDateMs | Token expiry timestamp. Unit is milliseconds since beginning of the epoch (midnight Jan 1, 1970 (UTC)) |
...
Code Block |
---|
ExpireTokenResponse => ErrorCode ErroCode => INT32 |
Possible Error Codes
* AuthorizationException
InvalidateTokenRequest
Code Block |
---|
InvalidateTokenRequest => HMAC
HMAC => bytes |
...
DelegationTokenDisabledException
* TokenRenewerMismatchException
* TokenNotFoundException
Code Block |
---|
InvalidateTokenResponse => ErrorCode
ErroCode => INT32 |
Possible Error Codes
* AuthorizationException
Configuration options
The following options will be added to KafkaConfig.java
and can be configured as properties for Kafka server:
...