[
https://issues.apache.org/jira/browse/KAFKA-4406?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15670468#comment-15670468
]
Magnus Reftel commented on KAFKA-4406:
--------------------------------------
Right, so `ssl.` is out. How about `security.providers`?
For SASL, another option would be that if the user specified a preference of
provider, then get the factory class manually via
`Class.forName(Security.getProvider(configuredName).get("SaslClientFactory." +
configuredMechanism))`. That way, we'd be able to use provider names in all
places where we use the JCA provider mechanism.
How about the use of MessageDigest that you pointed out (only used by
SkimpyOffsetMap.scala it seems)? Should there be some way of selecting provider
there as well, for consistency?
> Add support for custom Java Security Providers in configuration
> ---------------------------------------------------------------
>
> Key: KAFKA-4406
> URL: https://issues.apache.org/jira/browse/KAFKA-4406
> Project: Kafka
> Issue Type: Improvement
> Components: core
> Affects Versions: 0.10.0.1
> Reporter: Magnus Reftel
> Priority: Minor
>
> Currently, the only way to add a custom security provider is though adding a
> -Djava.security.properties=<filename> option to the command line, e.g. though
> KAFKA_OPTS. It would be more convenient if this could be done though the
> config file, like all the other SSL related options.
> I propose adding a new configuration option, ssl.provider.classes, which
> holds a list of names of security provider classes that will be loaded,
> instantiated, and added before creating SSL contexts.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
