[ 
https://issues.apache.org/jira/browse/KAFKA-2675?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14971107#comment-14971107
 ] 

Sriharsha Chintalapani commented on KAFKA-2675:
-----------------------------------------------

1. Decide on `serviceName` configuration: do we want to keep it in two places?
We should keep this in two places. Configuring serviceName in jaas file as been 
the way to go in all other projects. We only kept in two places because of IBM 
jdk.
3. Implement or remove SASL_KAFKA_SERVER_REALM config
  This is required on the client side. Its very common scenario where 
server/broker in one relam and clients are in another . In this case clients 
needs to configure the server realm. By default we use clients realm to connect 
to server.

> SASL/Kerberos follow-up
> -----------------------
>
>                 Key: KAFKA-2675
>                 URL: https://issues.apache.org/jira/browse/KAFKA-2675
>             Project: Kafka
>          Issue Type: Sub-task
>          Components: security
>            Reporter: Ismael Juma
>            Assignee: Ismael Juma
>             Fix For: 0.9.0.0
>
>
> This is a follow-up to KAFKA-1686. 
> 1. Decide on `serviceName` configuration: do we want to keep it in two places?
> 2. auth.to.local config name is a bit opaque, is there a better one?
> 3. Implement or remove SASL_KAFKA_SERVER_REALM config
> 4. Consider making Login's thread a daemon thread
> 5. Write test that shows authentication failure due to invalid user
> 6. Write test that shows authentication failure due to wrong password
> 7. Write test that shows authentication failure due ticket expiring



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to