[jira] [Commented] (KAFKA-6283) Configuration of custom SCRAM SaslServer implementations

[ASF GitHub Bot (JIRA)]

    [ 
https://issues.apache.org/jira/browse/KAFKA-6283?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16271165#comment-16271165
 ] 

ASF GitHub Bot commented on KAFKA-6283:
---------------------------------------

GitHub user tombentley opened a pull request:

    https://github.com/apache/kafka/pull/4274

    KAFKA-6283: Configuration of custom SCRAM SaslServer implementations

    Pass the jaasContext to the ScramServerCallbackHandler, so that custom 
implementations of a SCRAM SaslServer have access to the JAAS configuration.
    
    ### Committer Checklist (excluded from commit message)
    - [ ] Verify design and implementation 
    - [ ] Verify test coverage and CI build status
    - [ ] Verify documentation (including upgrade notes)


You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/tombentley/kafka KAFKA-6283-sasl-server-jaas

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/kafka/pull/4274.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #4274
    
----
commit a028d2cc8bc63e0313a0d7c52b70edbbcce0ab8e
Author: Tom Bentley <tbent...@redhat.com>
Date:   2017-11-29T15:55:15Z

    KAFKA-6283: Configuration of custom SCRAM SaslServer implementations

----


> Configuration of custom SCRAM SaslServer implementations
> --------------------------------------------------------
>
>                 Key: KAFKA-6283
>                 URL: https://issues.apache.org/jira/browse/KAFKA-6283
>             Project: Kafka
>          Issue Type: Bug
>            Reporter: Tom Bentley
>            Assignee: Tom Bentley
>            Priority: Minor
>
> It is difficult to supply configuration information to a custom 
> {{SaslServer}} implementation when a SCRAM mechanism is used. 
> {{SaslServerAuthenticator.createSaslServer()}} creates a {{SaslServer}} for a 
> given mechanism. The call to {{Sasl.createSaslServer()}} passes the broker 
> config and a callback handler. In the case of a SCRAM mechanism the callback 
> handler is a {{ScramServerCallbackHandler}} which doesn't have access to the 
> {{jaasContext}}. This makes it hard to configure a such a {{SaslServer}} 
> because I can't supply custom keys to the broker config (any unknown ones get 
> removed) and I don't have access to the JAAS config.
> In the case of a non-SCRAM {{SaslServer}}, I at least have access to the JAAS 
> config via the {{SaslServerCallbackHandler}}.
> A simple way to solve this would be to pass the {{jaasContext}} to the 
> {{ScramServerCallbackHandler}} from where a custom {{SaslServerFactory}} 
> could retrieve it.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)