
...

It is worth noting that these extensions would lack a digital signature and therefore should not be used for critical use-cases where security is a concern.

Public Interfaces

New JAAS config option for default, unsecured bearer tokens - `unsecuredLoginExtension_<extensionname>` (as shown in the "Example" paragraph). The name "auth" is not supported as a custom extension name with any SASL/OAUTHBEARER mechanism, including the unsecured one, since it is reserved by the specification for what is normally sent in the HTTP Authorization header. An attempt to use it will result in an exception. There are also additional regex validations for extension names and values to ensure they conform to the OAuth standard.
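The checks described above can be sketched as follows. This is an added example, not code from the KIP or from Kafka: the class and method names are hypothetical, and the two patterns are an assumption taken from the `kvpair` grammar in RFC 7628 rather than from Kafka's source.

```java
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.regex.Pattern;

// Added illustration: class and method names are hypothetical, not Kafka's.
public class UnsecuredExtensionCheck {
    static final String PREFIX = "unsecuredLoginExtension_"; // option prefix named above
    static final String RESERVED = "auth";                   // reserved by the specification
    // Assumption: patterns follow the RFC 7628 kvpair grammar (key = 1*ALPHA,
    // value = *(VCHAR / SP / HTAB / CR / LF)); Kafka's own patterns may differ.
    static final Pattern NAME = Pattern.compile("[A-Za-z]+");
    static final Pattern VALUE = Pattern.compile("[\\x21-\\x7E \\t\\r\\n]*");

    /** Collects extensions from JAAS module options; throws on the first invalid one. */
    static Map<String, String> parse(Map<String, String> jaasOptions) {
        Map<String, String> extensions = new LinkedHashMap<>();
        for (Map.Entry<String, String> option : jaasOptions.entrySet()) {
            if (!option.getKey().startsWith(PREFIX))
                continue; // some other login module option
            String name = option.getKey().substring(PREFIX.length());
            String value = option.getValue();
            if (RESERVED.equals(name))
                throw new IllegalArgumentException("'auth' is reserved, not a custom extension name");
            if (!NAME.matcher(name).matches())
                throw new IllegalArgumentException("invalid extension name: " + name);
            if (value == null || !VALUE.matcher(value).matches())
                throw new IllegalArgumentException("invalid value for extension " + name);
            extensions.put(name, value);
        }
        return extensions;
    }

    public static void main(String[] args) {
        String[][] cases = { // constructed sample options, not taken from the page
            {PREFIX + "traceId", "123"},        // well-formed name and value
            {PREFIX + "auth", "123"},           // reserved name
            {PREFIX + "trace-id", "123"},       // name contains a non-letter
            {PREFIX + "traceId", "1\u0001b=2"}, // value contains the 0x01 pair separator
        };
        for (String[] c : cases) {
            Map<String, String> options = new LinkedHashMap<>();
            options.put(c[0], c[1]);
            try {
                System.out.println("accepted: " + parse(options));
            } catch (IllegalArgumentException e) {
                System.out.println("rejected: " + e.getMessage());
            }
        }
    }
}
```

Rejecting the 0x01 byte in values matters because RFC 7628 uses it to separate key/value pairs in the client's initial message, so an unchecked value could be read by the server as an additional pair.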

`SaslExtensionsCallback` - generic callback to hold extensions

```java
package org.apache.kafka.common.security.auth;

import javax.security.auth.callback.Callback;

public class SaslExtensionsCallback implements Callback {
    // Extensions held by this callback until the SASL client reads them.
    private SaslExtensions extensions;

    /**
     * Returns a {@link SaslExtensions} consisting of the extension names and values that are sent by the client to
     * the server in the initial client SASL authentication message.
     */
    public SaslExtensions extensions() {
        return extensions;
    }

    /**
     * Sets the SASL extensions on this callback.
     */
    public void extensions(SaslExtensions extensions) {
        this.extensions = extensions;
    }
}
```

...