[
https://issues.apache.org/jira/browse/CAMEL-22864?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Claus Ibsen updated CAMEL-22864:
--------------------------------
Component/s: camel-kafka
> Camel-Kafka: Add KafkaSecurityConfigurer utility class to simplify Kafka
> authentication configuration
> -----------------------------------------------------------------------------------------------------
>
> Key: CAMEL-22864
> URL: https://issues.apache.org/jira/browse/CAMEL-22864
> Project: Camel
> Issue Type: Improvement
> Components: camel-kafka
> Reporter: Andrea Cosentino
> Assignee: Andrea Cosentino
> Priority: Major
> Fix For: 4.x
>
>
> Currently, configuring Kafka authentication in Camel requires users to
> manually construct JAAS configuration strings, which is error-prone and
> requires deep knowledge of Kafka security internals:
> // Current approach - verbose and error-prone
> from("kafka:myTopic?brokers=localhost:9092"
> + "&securityProtocol=SASL_SSL"
> + "&saslMechanism=SCRAM-SHA-512"
> +
> "&saslJaasConfig=org.apache.kafka.common.security.scram.ScramLoginModule
> required username=\"user\" password=\"pass\";")
> Users must know:
> - The correct JAAS login module class name for each authentication type
> - The exact JAAS configuration syntax
> - Which securityProtocol to use with which saslMechanism
> - How to properly escape special characters in credentials
> This complexity has led to a proliferation of Kamelets in the camel-kamelets
> project, where 24 separate Kafka Kamelets exist to cover different
> authentication combinations (PLAIN, SCRAM-SHA-256, SCRAM-SHA-512, SSL, etc.).
> We've been discussing in the past about creating a factory for this purpose.
> In particular adding a new KafkaSecurityConfigurer utility class and
> KafkaAuthType enum to camel-kafka. This is for tracking purpose. I don't know
> it makes sense to introduce this before or after the next 4.18.x LTS
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
