[
https://issues.apache.org/jira/browse/KAFKA-2675?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14971107#comment-14971107
]
Sriharsha Chintalapani commented on KAFKA-2675:
-----------------------------------------------
1. Decide on `serviceName` configuration: do we want to keep it in two places?
We should keep this in two places. Configuring serviceName in jaas file as been
the way to go in all other projects. We only kept in two places because of IBM
jdk.
3. Implement or remove SASL_KAFKA_SERVER_REALM config
This is required on the client side. Its very common scenario where
server/broker in one relam and clients are in another . In this case clients
needs to configure the server realm. By default we use clients realm to connect
to server.
> SASL/Kerberos follow-up
> -----------------------
>
> Key: KAFKA-2675
> URL: https://issues.apache.org/jira/browse/KAFKA-2675
> Project: Kafka
> Issue Type: Sub-task
> Components: security
> Reporter: Ismael Juma
> Assignee: Ismael Juma
> Fix For: 0.9.0.0
>
>
> This is a follow-up to KAFKA-1686.
> 1. Decide on `serviceName` configuration: do we want to keep it in two places?
> 2. auth.to.local config name is a bit opaque, is there a better one?
> 3. Implement or remove SASL_KAFKA_SERVER_REALM config
> 4. Consider making Login's thread a daemon thread
> 5. Write test that shows authentication failure due to invalid user
> 6. Write test that shows authentication failure due to wrong password
> 7. Write test that shows authentication failure due ticket expiring
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
