You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jira@kafka.apache.org by "Tom Bentley (JIRA)" <ji...@apache.org> on 2017/11/29 15:51:00 UTC
[jira] [Created] (KAFKA-6283) Configuration of custom SCRAM
SaslServer implementations
Tom Bentley created KAFKA-6283:
----------------------------------
Summary: Configuration of custom SCRAM SaslServer implementations
Key: KAFKA-6283
URL: https://issues.apache.org/jira/browse/KAFKA-6283
Project: Kafka
Issue Type: Bug
Reporter: Tom Bentley
Assignee: Tom Bentley
Priority: Minor
It is difficult to supply configuration information to a custom {{SaslServer}} implementation when a SCRAM mechanism is used.
{{SaslServerAuthenticator.createSaslServer()}} creates a {{SaslServer}} for a given mechanism. The call to {{Sasl.createSaslServer()}} passes the broker config and a callback handler. In the case of a SCRAM mechanism the callback handler is a {{ScramServerCallbackHandler}} which doesn't have access to the {{jaasContext}}. This makes it hard to configure a such a {{SaslServer}} because I can't supply custom keys to the broker config (any unknown ones get removed) and I don't have access to the JAAS config.
In the case of a non-SCRAM {{SaslServer}}, I at least have access to the JAAS config via the {{SaslServerCallbackHandler}}.
A simple way to solve this would be to pass the {{jaasContext}} to the {{ScramServerCallbackHandler}} from where a custom {{SaslServerFactory}} could retrieve it.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)