Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Current state["DISCUSSION"]. 

Discussion thread: here

JIRA: KAFKA-1696 

Please keep the discussion on the mailing list rather than commenting on the wiki (wiki discussions get unwieldy fast).

...

Below diagram shows the steps required to use the delegation tokens.

ACL

Currently we only allow a user to create delegation token for that user only. Renew and expire requests should come from owner or renewers of the token. So we dont need ACLs for create/renew/expire requests. 

For describe, we can add DESCRIBE operation on Token Resource.  In future, when we extend the support to allow a user to acquire delegation tokens for other users, then we can enable CREATE/DELETE operations.

 

Operation

Resource

API
DESCRIBE

Token

describeTokens
CREATE

Token

createToken (Will be introduced in a future release)
DELETE

Token 

deleteToken (Will be introduced in a future release)

Q/A

Q1. Is there any dependency on Hadoop APIs/Libraries?

...