[jira] [Commented] (CAMEL-22864) Camel-Kafka: Add KafkaSecurityConfigurer utility class to simplify Kafka authentication configuration

Fri, 16 Jan 2026 05:10:07 -0800 


    [ 
https://issues.apache.org/jira/browse/CAMEL-22864?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18052384#comment-18052384
 ] 

Andrea Cosentino commented on CAMEL-22864:
------------------------------------------

[~davsclaus] [~orpiske] [~fmariani] and anyone, please share your opinion

> Camel-Kafka: Add KafkaSecurityConfigurer utility class to simplify Kafka 
> authentication configuration
> -----------------------------------------------------------------------------------------------------
>
>                 Key: CAMEL-22864
>                 URL: https://issues.apache.org/jira/browse/CAMEL-22864
>             Project: Camel
>          Issue Type: Improvement
>            Reporter: Andrea Cosentino
>            Assignee: Andrea Cosentino
>            Priority: Major
>             Fix For: 4.x
>
>
> Currently, configuring Kafka authentication in Camel requires users to 
> manually construct JAAS configuration strings, which is error-prone and 
> requires deep knowledge of Kafka security internals:
>   // Current approach - verbose and error-prone
>   from("kafka:myTopic?brokers=localhost:9092"
>       + "&securityProtocol=SASL_SSL"
>       + "&saslMechanism=SCRAM-SHA-512"
>       + 
> "&saslJaasConfig=org.apache.kafka.common.security.scram.ScramLoginModule 
> required username=\"user\" password=\"pass\";")
> Users must know:
>   - The correct JAAS login module class name for each authentication type
>   - The exact JAAS configuration syntax
>   - Which securityProtocol to use with which saslMechanism
>   - How to properly escape special characters in credentials
> This complexity has led to a proliferation of Kamelets in the camel-kamelets 
> project, where 24 separate Kafka Kamelets exist to cover different 
> authentication combinations (PLAIN, SCRAM-SHA-256, SCRAM-SHA-512, SSL, etc.).
> We've been discussing in the past about creating a factory for this purpose. 
> In particular adding a new KafkaSecurityConfigurer utility class and 
> KafkaAuthType enum to camel-kafka. This is for tracking purpose. I don't know 
> it makes sense to introduce this before or after the next 4.18.x LTS



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to