Table of Contents |
---|
Status
Current state: Under Discussion Adopted
Discussion thread: here
JIRA:
Jira | ||||||
---|---|---|---|---|---|---|
|
...
To address these problems, we propose first to introduce a new AuthenticationContext
interface to encapsulate the authentication state needed to derive the principal. Initially we expose a single method methods to get the underlying security protocol in use and the client address.
Code Block |
---|
interface AuthenticationContext { String securityProtocolName(); SecurityProtocolInetAddress protocolclientAddress(); } |
There will be two implementations of this interface exposed: SslAuthenticationContext
and SaslAuthenticationContext
. These expose the respective state needed to derive the Principal
.
...
PrincipalBuilder
and KafkaPrincipalBuilder
will be exposed through the principal.builder.class
configuration.KafkaPrincipal
, we intend to deprecate and eventually remove the static fromString
method since it only supports construction of KafkaPrincipal
instances.Rejected Alternatives
Another option to add support for SASL might be to modify the SaslServerAuthenticator
to use the existing PrincipalBuilder
. This allows us to write a custom PrincipalBuilder
such as the following:
...