...
Current state: ["DISCUSSION"].
Discussion thread: here
JIRA: KAFKA-1696
Please keep the discussion on the mailing list rather than commenting on the wiki (wiki discussions get unwieldy fast).
...
The following options will be added to KafkaConfig.java
and can be configured as properties for Kafka server:
delegation.token.max.lifetime.sec
:
The
token
has
a
maximum
lifetime
beyond
which
it
cannot
be
renewed
any
more.
Default
value
7
days.
delegation.token.expiry.time.sec
:
The
token
validity
time
in
seconds
before
the
token
needs
to
be
renewed.
Default
value
1
day.
delegation.token.master.key
:
Secret/masterKey
to
generate
and
verify
delegation
tokens.
This
masterKey
needs
to
be
configured
with
all
the brokersthe brokers. If the secret is not set or set to empty string, brokers will disable the delegation token support.
Proposed Changes
Token
The Kafka authentication token is modeled after the Hadoop user delegation token. The token will consist of:
...