HI again, everyone. Still looking for 2 more binding votes. PR is now available at https://github.com/apache/kafka/pull/4994.
Ron On Tue, May 8, 2018 at 9:45 AM, Ron Dagostino <rndg...@gmail.com> wrote: > HI everyone. Can we get 2 more binding votes on this KIP (and non-binding > votes, too)? > > Ron > > On Fri, May 4, 2018 at 11:53 AM, Rajini Sivaram <rajinisiva...@gmail.com> > wrote: > >> Hi Ron, >> >> +1 (binding) >> >> Thanks for the KIP! >> >> Regards, >> >> Rajini >> >> On Fri, May 4, 2018 at 4:55 AM, Ron Dagostino <rndg...@gmail.com> wrote: >> >> > Hi everyone. I would like to start the vote for KIP-255: >> > https://cwiki.apache.org/confluence/pages/viewpage.action? >> pageId=75968876 >> > >> > This KIP proposes to add the following functionality related to >> > SASL/OAUTHBEARER: >> > >> > 1) Allow clients (both brokers when SASL/OAUTHBEARER is the inter-broker >> > protocol as well as non-broker clients) to flexibly retrieve an access >> > token from an OAuth 2 authorization server based on the declaration of a >> > custom login CallbackHandler implementation and have that access token >> > transparently and automatically transmitted to a broker for >> authentication. >> > >> > 2) Allow brokers to flexibly validate provided access tokens when a >> client >> > establishes a connection based on the declaration of a custom SASL >> Server >> > CallbackHandler implementation. >> > >> > 3) Provide implementations of the above retrieval and validation >> features >> > based on an unsecured JSON Web Token that function out-of-the-box with >> > minimal configuration required (i.e. implementations of the two types of >> > callback handlers mentioned above will be used by default with no need >> to >> > explicitly declare them). >> > >> > 4) Allow clients (both brokers when SASL/OAUTHBEARER is the inter-broker >> > protocol as well as non-broker clients) to transparently retrieve a new >> > access token in the background before the existing access token expires >> in >> > case the client has to open new connections. >> > >> > Thanks, >> > >> > Ron >> > >> > >