[
https://issues.apache.org/jira/browse/KAFKA-4406?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15667481#comment-15667481
]
Magnus Reftel commented on KAFKA-4406:
--------------------------------------
For client applications, I agree that it is better to just call
`Security.addProvider` directly, which is what we do. The purpose of this
change is to allow configuration files to add security providers to the Kafka
brokers. The alternative there is, as far as I can see, only to add a
`-Djava.security.properties`, guessing at a free provider index, and hoping
that it stays unused over time. That doesn't seem like a reliable solution to
me.
> Add support for custom Java Security Providers in configuration
> ---------------------------------------------------------------
>
> Key: KAFKA-4406
> URL: https://issues.apache.org/jira/browse/KAFKA-4406
> Project: Kafka
> Issue Type: Improvement
> Components: core
> Affects Versions: 0.10.0.1
> Reporter: Magnus Reftel
> Priority: Minor
>
> Currently, the only way to add a custom security provider is though adding a
> -Djava.security.properties=<filename> option to the command line, e.g. though
> KAFKA_OPTS. It would be more convenient if this could be done though the
> config file, like all the other SSL related options.
> I propose adding a new configuration option, ssl.provider.classes, which
> holds a list of names of security provider classes that will be loaded,
> instantiated, and added before creating SSL contexts.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
