Tao, I have granted you the access.
Guozhang On Tue, Jan 19, 2016 at 7:56 PM, Connie Yang <cybercon...@gmail.com> wrote: > @Ismael, what's the status of the SASL/PLAIN PR, > https://github.com/apache/kafka/pull/341? > > > > On Tue, Jan 19, 2016 at 6:25 PM, tao xiao <xiaotao...@gmail.com> wrote: > > > The PR provides a new SASL mech but it doesn't provide a pluggable way to > > implement user's own logic to do authentication. So I don't think the PR > > will meet my need. > > > > I will write a KIP to open the discussion. > > > > p.s. Ismael, can you grant me the permission to create a KIP in Kafka > > space? > > > > > > On Wed, 20 Jan 2016 at 10:08 Ismael Juma <ism...@juma.me.uk> wrote: > > > > > Hi Tao, > > > > > > The other way would be to implement a SASL provider: > > > > > > > > > > > > https://docs.oracle.com/javase/8/docs/technotes/guides/security/sasl/sasl-refguide.html#PROV > > > > > > This would still require Kafka to be changed, some of the changes are > in > > > the following PR: > > > > > > https://github.com/apache/kafka/pull/341 > > > > > > As per the discussion in the PR above, a KIP is also required. > > > > > > Ismael > > > > > > On Wed, Jan 20, 2016 at 1:48 AM, tao xiao <xiaotao...@gmail.com> > wrote: > > > > > > > Hi Ismael, > > > > > > > > BTW looks like I don't have the permission to add a KIP in Kafka > space. > > > Can > > > > you please grant me the permission? > > > > > > > > On Wed, 20 Jan 2016 at 09:40 tao xiao <xiaotao...@gmail.com> wrote: > > > > > > > > > Hi Ismael, > > > > > > > > > > Thank you for your reply. I am happy to have a writeup on this. > > > > > > > > > > Can you think of any other ways to make security protocol pluggable > > > > > instead of extending ChannelBuilder? > > > > > > > > > > On Wed, 20 Jan 2016 at 02:14 Ismael Juma <ism...@juma.me.uk> > wrote: > > > > > > > > > >> Hi Tao, > > > > >> > > > > >> As you say, security protocols are not currently pluggable. > > > > >> `ChannelBuilder` is already an interface, but `SecurityProtocol` > is > > an > > > > >> enum, which makes it hard for users to add additional security > > > > protocols. > > > > >> Changing this would probably require a KIP: > > > > >> > > > > >> > > > > >> > > > > > > > > > > https://cwiki.apache.org/confluence/display/KAFKA/Kafka+Improvement+Proposals > > > > >> > > > > >> Ismael > > > > >> > > > > >> On Mon, Jan 18, 2016 at 3:15 AM, tao xiao <xiaotao...@gmail.com> > > > wrote: > > > > >> > > > > >> > Hi Kafka team, > > > > >> > > > > > >> > I want to know if I can plug-in my own security protocol to > Kafka > > to > > > > >> > implement project specific authentication mechanism. The current > > > > >> supported > > > > >> > authentication protocols, SASL/GSSAPI and SSL, are not supported > > in > > > my > > > > >> > company and we have own security protocol to do authentication. > > > > >> > > > > > >> > Is it a good idea to make ChannelBuilder extensible so that I > can > > > > >> implement > > > > >> > it with my own security channel? > > > > >> > > > > > >> > > > > > > > > > > > > > > > -- -- Guozhang
