[ https://issues.apache.org/jira/browse/KAFKA-6283?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16271165#comment-16271165 ]
ASF GitHub Bot commented on KAFKA-6283: --------------------------------------- GitHub user tombentley opened a pull request: https://github.com/apache/kafka/pull/4274 KAFKA-6283: Configuration of custom SCRAM SaslServer implementations Pass the jaasContext to the ScramServerCallbackHandler, so that custom implementations of a SCRAM SaslServer have access to the JAAS configuration. ### Committer Checklist (excluded from commit message) - [ ] Verify design and implementation - [ ] Verify test coverage and CI build status - [ ] Verify documentation (including upgrade notes) You can merge this pull request into a Git repository by running: $ git pull https://github.com/tombentley/kafka KAFKA-6283-sasl-server-jaas Alternatively you can review and apply these changes as the patch at: https://github.com/apache/kafka/pull/4274.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #4274 ---- commit a028d2cc8bc63e0313a0d7c52b70edbbcce0ab8e Author: Tom Bentley <tbent...@redhat.com> Date: 2017-11-29T15:55:15Z KAFKA-6283: Configuration of custom SCRAM SaslServer implementations ---- > Configuration of custom SCRAM SaslServer implementations > -------------------------------------------------------- > > Key: KAFKA-6283 > URL: https://issues.apache.org/jira/browse/KAFKA-6283 > Project: Kafka > Issue Type: Bug > Reporter: Tom Bentley > Assignee: Tom Bentley > Priority: Minor > > It is difficult to supply configuration information to a custom > {{SaslServer}} implementation when a SCRAM mechanism is used. > {{SaslServerAuthenticator.createSaslServer()}} creates a {{SaslServer}} for a > given mechanism. The call to {{Sasl.createSaslServer()}} passes the broker > config and a callback handler. In the case of a SCRAM mechanism the callback > handler is a {{ScramServerCallbackHandler}} which doesn't have access to the > {{jaasContext}}. This makes it hard to configure a such a {{SaslServer}} > because I can't supply custom keys to the broker config (any unknown ones get > removed) and I don't have access to the JAAS config. > In the case of a non-SCRAM {{SaslServer}}, I at least have access to the JAAS > config via the {{SaslServerCallbackHandler}}. > A simple way to solve this would be to pass the {{jaasContext}} to the > {{ScramServerCallbackHandler}} from where a custom {{SaslServerFactory}} > could retrieve it. -- This message was sent by Atlassian JIRA (v6.4.14#64029)