THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
Current state: "Under Discussion"
Discussion thread: [not yet created]here
JIRA: KAFKA-6562[not yet created]
Please keep the discussion on the mailing list rather than commenting on the wiki (wiki discussions get unwieldy fast).
...
Code Block | ||||||
---|---|---|---|---|---|---|
| ||||||
package org.apache.kafka.common.security.oauthbearer.refresh; /** * Immutable refresh-related configuration for instances of * {@link ExpiringCredentialRefreshingLogin}. Configuration that is independent * of the actual credential itself and that can be defined as login module * options in a JAAS config should be stored here. */ public class RefreshConfig { /** * Default constructor with individual refresh configuration properties * being set to their default values */ public RefreshConfig() { this(Collections.<String, String>emptyMap(), ""); } /** * Constructor based on a map with keys being the String keys associated with * {@link RefreshConfigProp} instances and values being either Strings or * non-Strings. Individual refresh configuration properties that are not * explicitly set to a valid value on the given map will be set to their default * value for this instance. * * @param configMap * the mandatory (but possibly empty) configuration map upon which to * build this instance * @see RefreshConfigProp#stringKeys() * @see RefreshConfigProp#parseValue(Object) */ public RefreshConfig(Map<String, String> configMap) { this(configMap, ""); } /** * Constructor based on a map with keys being the String keys associated with * {@link RefreshConfigProp} instances and values being either Strings or * non-Strings. Individual refresh configuration properties that are not * explicitly set to a valid value on the given map will be set to their default * value for this instance. * * @param configMap * the mandatory (but possibly empty) configuration map upon which to * build this instance * @param keyPrefix * the mandatory (but potentially blank) prefix to prepend to String * keys * @see RefreshConfigProp#stringKeys() * @see RefreshConfigProp#parseValue(Object) */ public RefreshConfig(Map<String, String> configMap, String keyPrefix) { // etc... } /** public* Map<RefreshConfigProp,Return Object>the refreshConfigMap((always non-null and unmodifiable) {@code Map} that resulted from * the parsing of return refreshConfigMap; the input provided at construction time }* * public@return doublethe refreshWindowFactor((always non-null and unmodifiable) {@code Map} that resulted from * the parsing of the input provided at returnconstruction refreshWindowFactor;time } */ public double refreshWindowJitterMap<RefreshConfigProp, Object> refreshConfigMap() { return refreshWindowJitterrefreshConfigMap; } /** public long* refreshMinPeriodMillis() { return refreshMinPeriodMillis; } Background login refresh thread will sleep until the specified window factor * relative to the credential's total lifetime has been reached, at which time * it will try to refresh the credential. The default value is 0.8 (80%). * * @return the refresh window factor * @see RefreshConfigProp#REFRESH_WINDOW_FACTOR */ public double refreshWindowFactor() { return refreshWindowFactor; } /** * Amount of random jitter added to the background login refresh thread's sleep * time. The default value is 0.05 (5%). * * @return the refresh window jitter * @see RefreshConfigProp#REFRESH_WINDOW_JITTER */ public double refreshWindowJitter() { return refreshWindowJitter; } /** * The minimum time between checks by the background login refresh thread, * regardless of other constraints, in milliseconds. The default value is 60,000 * (1 minute). * * @return the minimum refresh period, in milliseconds * @see RefreshConfigProp#REFRESH_MIN_PERIOD_MILLIS */ public long refreshMinPeriodMillis() { return refreshMinPeriodMillis; } /** * If the LoginModule and SaslClient implementations support multiple * simultaneous login contexts on a single Subject at the same time. If true, * then upon refresh, logout will only be invoked on the original LoginContext * after a new one successfully logs in. This can be helpful if the original * credential still has some lifetime left when an attempt to refresh the * credential fails; the client will still be able to create new connections as * long as the original credential remains valid. Otherwise, if logout is * immediately invoked prior to relogin, a relogin failure leaves the client * without the ability to connect until relogin does in fact succeed. The * default value is false. * * @return true if relogin is allowed prior to discarding an existing * (presumably unexpired) token, otherwise false * @see RefreshConfigProp#RELOGIN_ALLOWED_BEFORE_LOGOUT */ public boolean reloginAllowedBeforeLogout() { return reloginAllowedBeforeLogout; } // etc... } |
...