[ https://issues.apache.org/jira/browse/KAFKA-1683?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14184404#comment-14184404 ]
Gwen Shapira commented on KAFKA-1683:
-------------------------------------

As mentioned earlier - we need to "enrich" the SocketServer with security-related information (such as Principal) and actions (security handshakes when accepting connections and such). This patch adds the extra information by attaching an object to the SelectedKeys. This is inspired by a similar implementation in ZooKeeper and is different than the method used by the KAFKA-1684 patch, which extends SocketChannel. Both methods have merits, but we need to decide on one before proceeding, so TLS and SASL implementations will be at least somewhat similar.

> Implement a "session" concept in the socket server
> --------------------------------------------------
>
> Key: KAFKA-1683
> URL: https://issues.apache.org/jira/browse/KAFKA-1683
> Project: Kafka
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.9.0
> Reporter: Jay Kreps
> Assignee: Gwen Shapira
> Attachments: KAFKA-1683.patch
>
>
> To implement authentication we need a way to keep track of some things
> between requests. The initial use for this would be remembering the
> authenticated user/principal info, but likely more uses would come up (for
> example we will also need to remember whether and which encryption or
> integrity measures are in place on the socket so we can wrap and unwrap
> writes and reads).
> I was thinking we could just add a Session object that might have a user
> field. The session object would need to get added to RequestChannel.Request
> so it is passed down to the API layer with each request.

--
This message was sent by Atlassian JIRA (v6.3.4#6332)
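
The attachment approach described in the comment above, as an added example in plain Java NIO (not code from the KAFKA-1683 patch or from Kafka): a per-connection `Session` is attached to the `SelectionKey` at accept time and read back when a request arrives, so identity comes from connection state rather than from anything the client puts in the request. The `Session` fields, the `Request` record and the class name are hypothetical, the client is constructed inline so the example runs offline, and it needs Java 16 or later.

```java
import java.net.InetSocketAddress;
import java.nio.ByteBuffer;
import java.nio.channels.*;
import java.nio.charset.StandardCharsets;

public class SessionAttachmentDemo {
    // Hypothetical per-connection state; the issue only proposes "a Session object with a user field".
    static final class Session {
        String principal = "ANONYMOUS"; // would be replaced by a real SASL/TLS handshake result
        boolean encrypted = false;      // whether reads/writes must be wrapped and unwrapped
    }
    // Hypothetical stand-in for RequestChannel.Request: carries the session to the API layer.
    record Request(Session session, String payload) {}

    static Request serveOne() throws Exception {
        try (Selector selector = Selector.open();
             ServerSocketChannel server = ServerSocketChannel.open()) {
            server.bind(new InetSocketAddress("127.0.0.1", 0)); // loopback, ephemeral port
            server.configureBlocking(false);
            server.register(selector, SelectionKey.OP_ACCEPT);
            // Constructed client sending one sample request.
            try (SocketChannel client = SocketChannel.open(server.getLocalAddress())) {
                client.write(ByteBuffer.wrap("metadata-request".getBytes(StandardCharsets.UTF_8)));
                while (true) {
                    selector.select();
                    var it = selector.selectedKeys().iterator();
                    while (it.hasNext()) {
                        SelectionKey key = it.next();
                        it.remove();
                        if (key.isAcceptable()) {
                            SocketChannel ch = server.accept();
                            if (ch == null) continue;
                            ch.configureBlocking(false);
                            // The session is created once per connection and attached to its key.
                            ch.register(selector, SelectionKey.OP_READ, new Session());
                        } else if (key.isReadable()) {
                            Session session = (Session) key.attachment(); // same object on every read
                            ByteBuffer buf = ByteBuffer.allocate(64);
                            ((SocketChannel) key.channel()).read(buf);
                            buf.flip();
                            key.channel().close();
                            return new Request(session, StandardCharsets.UTF_8.decode(buf).toString());
                        }
                    }
                }
            }
        }
    }

    public static void main(String[] args) throws Exception {
        Request r = serveOne();
        System.out.println(r.session().principal + " -> " + r.payload());
    }
}
```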