[
https://issues.apache.org/jira/browse/KAFKA-14881?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17713017#comment-17713017
]
Mickael Maison edited comment on KAFKA-14881 at 4/17/23 10:41 AM:
------------------------------------------------------------------
Right, this would be nice to have in 3.5.0.
was (Author: mimaison):
Right, this would be nice to have in 3.5.0.
> Update UserScramCredentialRecord for SCRAM ZK to KRaft migration
> ----------------------------------------------------------------
>
> Key: KAFKA-14881
> URL: https://issues.apache.org/jira/browse/KAFKA-14881
> Project: Kafka
> Issue Type: Improvement
> Components: kraft
> Affects Versions: 3.5.0
> Reporter: Proven Provenzano
> Assignee: Proven Provenzano
> Priority: Major
> Fix For: 3.6.0
>
>
> I want to support ZK to KRaft migration.
> ZK stores a storedKey and a serverKey for each SCRAM credential not the
> saltedPassword.
> The storedKey and serverKey are a crypto hash of some data with the
> saltedPassword and it is not possible to extract the saltedPassword from them.
> The serverKey and storedKey are enough for SCRAM authentication and
> saltedPassword is not needed.
> I will update the UserScramCredentialRecord to store serverKey and storedKey
> instead of saltedPassword and I will update that SCRAM is only supported with
> a bumped version of IBP_3_5 so that there are no compatibility issues.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
