kafka-jira mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (KAFKA-6283) Configuration of custom SCRAM SaslServer implementations
Date Wed, 29 Nov 2017 17:29:00 GMT

    [ https://issues.apache.org/jira/browse/KAFKA-6283?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16271165#comment-16271165
] 

ASF GitHub Bot commented on KAFKA-6283:
---------------------------------------

GitHub user tombentley opened a pull request:

    https://github.com/apache/kafka/pull/4274

    KAFKA-6283: Configuration of custom SCRAM SaslServer implementations

    Pass the jaasContext to the ScramServerCallbackHandler, so that custom implementations
of a SCRAM SaslServer have access to the JAAS configuration.
    
    ### Committer Checklist (excluded from commit message)
    - [ ] Verify design and implementation 
    - [ ] Verify test coverage and CI build status
    - [ ] Verify documentation (including upgrade notes)


You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/tombentley/kafka KAFKA-6283-sasl-server-jaas

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/kafka/pull/4274.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #4274
    
----
commit a028d2cc8bc63e0313a0d7c52b70edbbcce0ab8e
Author: Tom Bentley <tbentley@redhat.com>
Date:   2017-11-29T15:55:15Z

    KAFKA-6283: Configuration of custom SCRAM SaslServer implementations

----


> Configuration of custom SCRAM SaslServer implementations
> --------------------------------------------------------
>
>                 Key: KAFKA-6283
>                 URL: https://issues.apache.org/jira/browse/KAFKA-6283
>             Project: Kafka
>          Issue Type: Bug
>            Reporter: Tom Bentley
>            Assignee: Tom Bentley
>            Priority: Minor
>
> It is difficult to supply configuration information to a custom {{SaslServer}} implementation
when a SCRAM mechanism is used. 
> {{SaslServerAuthenticator.createSaslServer()}} creates a {{SaslServer}} for a given mechanism.
The call to {{Sasl.createSaslServer()}} passes the broker config and a callback handler. In
the case of a SCRAM mechanism the callback handler is a {{ScramServerCallbackHandler}} which
doesn't have access to the {{jaasContext}}. This makes it hard to configure a such a {{SaslServer}}
because I can't supply custom keys to the broker config (any unknown ones get removed) and
I don't have access to the JAAS config.
> In the case of a non-SCRAM {{SaslServer}}, I at least have access to the JAAS config
via the {{SaslServerCallbackHandler}}.
> A simple way to solve this would be to pass the {{jaasContext}} to the {{ScramServerCallbackHandler}}
from where a custom {{SaslServerFactory}} could retrieve it.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message