> On May 8, 2015, 1:41 a.m., Jun Rao wrote: > > clients/src/main/java/org/apache/kafka/common/network/DefaultAuthenticator.java, > > lines 37-39 > > <https://reviews.apache.org/r/33620/diff/1/?file=943814#file943814line37> > > > > Do we want to return Principal or Subject? It seems that ssl only gives > > a Principal back. However, sasl can give back subject which has multiple > > principals?
Thanks for the review Jun. I am in the process of sending new patch. Current session in KAFKA-1683 takes in UserPrincipal hence the reason to return userPrincipal. Also SASL doesn't return Subject it uses subject on client and server to do authentication handshake. Once this is done on the server side we can call saslServer.getAuthorizationId() to get clients principal which is just a string. More info here http://docs.oracle.com/javase/7/docs/api/javax/security/sasl/SaslServer.html#getAuthorizationID%28%29 . I am going to upload the patch sasl by next week will make it more clear. - Sriharsha ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/33620/#review82953 ----------------------------------------------------------- On April 28, 2015, 7:31 a.m., Sriharsha Chintalapani wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/33620/ > ----------------------------------------------------------- > > (Updated April 28, 2015, 7:31 a.m.) > > > Review request for kafka. > > > Bugs: KAFKA-1690 > https://issues.apache.org/jira/browse/KAFKA-1690 > > > Repository: kafka > > > Description > ------- > > KAFKA-1690. new java producer needs ssl support as a client. > > > Diffs > ----- > > checkstyle/checkstyle.xml a215ff36e9252879f1e0be5a86fef9a875bb8f38 > checkstyle/import-control.xml f2e6cec267e67ce8e261341e373718e14a8e8e03 > clients/src/main/java/org/apache/kafka/clients/ClientUtils.java > 0d68bf1e1e90fe9d5d4397ddf817b9a9af8d9f7a > clients/src/main/java/org/apache/kafka/clients/CommonClientConfigs.java > cf32e4e7c40738fe6d8adc36ae0cfad459ac5b0b > clients/src/main/java/org/apache/kafka/clients/consumer/ConsumerConfig.java > 42c72198a0325e234cf1d428b687663099de884e > clients/src/main/java/org/apache/kafka/clients/consumer/KafkaConsumer.java > 09ecb427c9f4482dd064428815128b1c426dc921 > clients/src/main/java/org/apache/kafka/clients/producer/KafkaProducer.java > 42b12928781463b56fc4a45d96bb4da2745b6d95 > clients/src/main/java/org/apache/kafka/clients/producer/ProducerConfig.java > 5a575553d30c1c0bda9ffef9e9b9eafae28deba5 > clients/src/main/java/org/apache/kafka/common/config/SecurityConfig.java > PRE-CREATION > clients/src/main/java/org/apache/kafka/common/network/Authenticator.java > PRE-CREATION > clients/src/main/java/org/apache/kafka/common/network/Channel.java > PRE-CREATION > > clients/src/main/java/org/apache/kafka/common/network/DefaultAuthenticator.java > PRE-CREATION > > clients/src/main/java/org/apache/kafka/common/network/PlainTextTransportLayer.java > PRE-CREATION > clients/src/main/java/org/apache/kafka/common/network/SSLFactory.java > PRE-CREATION > > clients/src/main/java/org/apache/kafka/common/network/SSLTransportLayer.java > PRE-CREATION > clients/src/main/java/org/apache/kafka/common/network/Selectable.java > b5f8d83e89f9026dc0853e5f92c00b2d7f043e22 > clients/src/main/java/org/apache/kafka/common/network/Selector.java > 57de0585e5e9a53eb9dcd99cac1ab3eb2086a302 > clients/src/main/java/org/apache/kafka/common/network/TransportLayer.java > PRE-CREATION > > clients/src/main/java/org/apache/kafka/common/protocol/SecurityProtocol.java > d3394ee669e1c2254403e95393511d0a17e6f250 > clients/src/main/java/org/apache/kafka/common/utils/Utils.java > f73eedb030987f018d8446bb1dcd98d19fa97331 > clients/src/test/java/org/apache/kafka/common/network/EchoServer.java > PRE-CREATION > clients/src/test/java/org/apache/kafka/common/network/SSLSelectorTest.java > PRE-CREATION > clients/src/test/java/org/apache/kafka/common/network/SelectorTest.java > d5b306b026e788b4e5479f3419805aa49ae889f3 > clients/src/test/java/org/apache/kafka/common/utils/UtilsTest.java > 2ebe3c21f611dc133a2dbb8c7dfb0845f8c21498 > clients/src/test/java/org/apache/kafka/test/TestSSLUtils.java PRE-CREATION > > Diff: https://reviews.apache.org/r/33620/diff/ > > > Testing > ------- > > > Thanks, > > Sriharsha Chintalapani > >
