Hi Tao, The other way would be to implement a SASL provider:
https://docs.oracle.com/javase/8/docs/technotes/guides/security/sasl/sasl-refguide.html#PROV This would still require Kafka to be changed, some of the changes are in the following PR: https://github.com/apache/kafka/pull/341 As per the discussion in the PR above, a KIP is also required. Ismael On Wed, Jan 20, 2016 at 1:48 AM, tao xiao <xiaotao...@gmail.com> wrote: > Hi Ismael, > > BTW looks like I don't have the permission to add a KIP in Kafka space. Can > you please grant me the permission? > > On Wed, 20 Jan 2016 at 09:40 tao xiao <xiaotao...@gmail.com> wrote: > > > Hi Ismael, > > > > Thank you for your reply. I am happy to have a writeup on this. > > > > Can you think of any other ways to make security protocol pluggable > > instead of extending ChannelBuilder? > > > > On Wed, 20 Jan 2016 at 02:14 Ismael Juma <ism...@juma.me.uk> wrote: > > > >> Hi Tao, > >> > >> As you say, security protocols are not currently pluggable. > >> `ChannelBuilder` is already an interface, but `SecurityProtocol` is an > >> enum, which makes it hard for users to add additional security > protocols. > >> Changing this would probably require a KIP: > >> > >> > >> > https://cwiki.apache.org/confluence/display/KAFKA/Kafka+Improvement+Proposals > >> > >> Ismael > >> > >> On Mon, Jan 18, 2016 at 3:15 AM, tao xiao <xiaotao...@gmail.com> wrote: > >> > >> > Hi Kafka team, > >> > > >> > I want to know if I can plug-in my own security protocol to Kafka to > >> > implement project specific authentication mechanism. The current > >> supported > >> > authentication protocols, SASL/GSSAPI and SSL, are not supported in my > >> > company and we have own security protocol to do authentication. > >> > > >> > Is it a good idea to make ChannelBuilder extensible so that I can > >> implement > >> > it with my own security channel? > >> > > >> > > >
