Versions Compared

Old Version 6

changes.mady.by.user Mickael Maison

Saved on

compared with

New Version Current

changes.mady.by.user Mickael Maison

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

Status

Current state: Draft Adopted

Discussion thread: here [Change the link from the KIP proposal email archive to your own email thread]

...

Please keep the discussion on the mailing list rather than commenting on the wiki (wiki discussions get unwieldy fast).

co-authored-by: Edoardo Comar ecomar@uk.ibm.com

Motivation

Currently when building a Principal, the builder has access to an AuthenticationContext which contains the security protocol as well as the client address. However since 0.10.2.0 Kafka can have multiple listeners for the same security protocol using listener names (listener.security.protocol.map). While we can identify the source of the connection using the client address, having the listener name would make it simpler as IPs/networks can change and it currently requires to parse the client IP.

...

Code Block
languagejava
/**
 * Name of the listener used for the connection
 */
ListenerNameString listenerName();

 

As well as to all the existing implementations: PlaintextAuthenticationContext, SslAuthenticationContext and SaslAuthenticationContext.

That will return the String value (value()) of the ListenerName used by the connection. For example, with the following configuration:

Code Block
languagetext
listener.security.protocol.map=CLIENT:SASL_PLAINTEXT,REPLICATION:PLAINTEXT,INTERNAL_SASL:SASL_PLAINTEXT
advertised.listeners=CLIENT://cluster1.foo.com:9092,REPLICATION://broker1.replication.local:9093,INTERNAL_SASL://broker1.local:9094
listeners=CLIENT://192.1.1.8:9092,REPLICATION://10.1.1.5:9093,INTERNAL_SASL://10.1.1.5:9094

...

Compatibility, Deprecation, and Migration Plan

No compatilibtycompatibility, deprecation, migration plan required.

...