[
https://issues.apache.org/jira/browse/KAFKA-3532?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15248831#comment-15248831
]
Ismael Juma commented on KAFKA-3532:
------------------------------------
I think we should allow one to to pass a list of fields instead of a single
field. There are cases where certificates include additional fields (email is a
common one) that get exposed via OIDs when `Principal.getName()` is called. It
would be straightforward to any undesired fields if one could pass the list of
desired fields.
> add principal.builder.class that can extract user from a field
> --------------------------------------------------------------
>
> Key: KAFKA-3532
> URL: https://issues.apache.org/jira/browse/KAFKA-3532
> Project: Kafka
> Issue Type: Wish
> Affects Versions: 0.9.0.1
> Reporter: Jun Rao
> Assignee: Sriharsha Chintalapani
>
> By default, the user name associated with an SSL connection looks like the
> following. Often, people may want to extract one of the field (e.g., CN) as
> the user. It would be good if we can have a built-in principal builder that
> does that.
> CN=writeuser,OU=Unknown,O=Unknown,L=Unknown,ST=Unknown,C=Unknown
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
