Re: [PR] MINOR: Delete KafkaSecurityConfigs class [kafka]

Wed, 29 May 2024 07:17:50 -0700 


mimaison commented on code in PR #16113:
URL: https://github.com/apache/kafka/pull/16113#discussion_r1618975036


##########
clients/src/main/java/org/apache/kafka/common/config/internals/BrokerSecurityConfigs.java:
##########
@@ -30,48 +33,40 @@
 public class BrokerSecurityConfigs {
 
     public static final String PRINCIPAL_BUILDER_CLASS_CONFIG = 
"principal.builder.class";
-    public static final String SASL_KERBEROS_PRINCIPAL_TO_LOCAL_RULES_CONFIG = 
"sasl.kerberos.principal.to.local.rules";
-    public static final String SSL_CLIENT_AUTH_CONFIG = "ssl.client.auth";
-    public static final String SASL_ENABLED_MECHANISMS_CONFIG = 
"sasl.enabled.mechanisms";
-    public static final String SASL_SERVER_CALLBACK_HANDLER_CLASS = 
"sasl.server.callback.handler.class";
     public static final String SSL_PRINCIPAL_MAPPING_RULES_CONFIG = 
"ssl.principal.mapping.rules";
-    public static final String CONNECTIONS_MAX_REAUTH_MS = 
"connections.max.reauth.ms";
-    public static final long DEFAULT_CONNECTIONS_MAX_REAUTH_MS = 0L;
-    public static final int DEFAULT_SASL_SERVER_MAX_RECEIVE_SIZE = 524288;
-    public static final String SASL_SERVER_MAX_RECEIVE_SIZE_CONFIG = 
"sasl.server.max.receive.size";
-    public static final String SSL_ALLOW_DN_CHANGES_CONFIG = 
"ssl.allow.dn.changes";
-    public static final boolean DEFAULT_SSL_ALLOW_DN_CHANGES_VALUE = false;
-    public static final String SSL_ALLOW_SAN_CHANGES_CONFIG = 
"ssl.allow.san.changes";
-    public static final boolean DEFAULT_SSL_ALLOW_SAN_CHANGES_VALUE = false;
 
-    public static final String PRINCIPAL_BUILDER_CLASS_DOC = "The fully 
qualified name of a class that implements the " +
-            "KafkaPrincipalBuilder interface, which is used to build the 
KafkaPrincipal object used during " +
-            "authorization. If no principal builder is defined, the default 
behavior depends " +
-            "on the security protocol in use. For SSL authentication,  the 
principal will be derived using the " +
-            "rules defined by <code>" + SSL_PRINCIPAL_MAPPING_RULES_CONFIG + 
"</code> applied on the distinguished " +
-            "name from the client certificate if one is provided; otherwise, 
if client authentication is not required, " +
-            "the principal name will be ANONYMOUS. For SASL authentication, 
the principal will be derived using the " +
-            "rules defined by <code>" + 
SASL_KERBEROS_PRINCIPAL_TO_LOCAL_RULES_CONFIG + "</code> if GSSAPI is in use, " 
+
-            "and the SASL authentication ID for other mechanisms. For 
PLAINTEXT, the principal will be ANONYMOUS.";
+    public static final String SASL_KERBEROS_PRINCIPAL_TO_LOCAL_RULES_CONFIG = 
"sasl.kerberos.principal.to.local.rules";
+    public static final List<String> 
DEFAULT_SASL_KERBEROS_PRINCIPAL_TO_LOCAL_RULES = 
Collections.singletonList("DEFAULT");

Review Comment:
   Yes, done



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscr...@kafka.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Reply via email to