Hi Rajini, updated the KIP to reflect the ordering of the providers passed
and added information about the configured providers taking precedence over
the login module providers in case of SASL. Also updated the config name.
Please take a look and if everything looks good, I can start a vote.
On F
Hi Harsha,
Since one provider can implement multiple things, excluding SASL may mean
not adding providers which implement any SASL mechanism even though you are
actually interested only in one SSL algorithm that also happens to be in
the provider. Perhaps it would be simpler to allow SASL as well,
Thanks Rajini .
> 4) The main difference between SSL and SASL is that for SSL, you register a
> provider with your own algorithm name and you specify your algorithm name
> in a separate config. This algorithm name can be anything you choose. For
> SASL, we register providers for standard SASL mech
Hi Sandeep/Harsha,
I don't have any major concerns about this KIP since it solves a specific
issue and is a relatively minor change. I am unconvinced about the SASL
case, but it probably is better to add as a config that can be used with
SASL as well in future anyway.
Just to complete the convers
Thanks for the details.
Rajini, Can you please take a look and let us know if these addresses your
concerns.
Thanks,
Harsha
On Mon, Jul 22, 2019, at 9:36 AM, Sandeep Mopuri wrote:
> Hi Rajini,
> Thanks for raising the above questions. Please find the
> replies below
>
> On Wed, Ju
Hi Rajini,
Thanks for raising the above questions. Please find the
replies below
On Wed, Jul 17, 2019 at 2:49 AM Rajini Sivaram
wrote:
> Hi Sandeep,
>
> Thanks for the KIP. A few questions below:
>
>1. Is the main use case for this KIP adding security providers for SSL?
>If
Hi Sandeep,
Thanks for the KIP. A few questions below:
1. Is the main use case for this KIP adding security providers for SSL?
If so, wouldn't a more generic solution like KIP-383 work for this?
2. Presumably this config would also apply to clients. If so, have we
thought through the
Thanks for the KIP Sandeep. LGTM.
Mani & Rajini, can you please look at the KIP as well.
Thanks,
Harsha
On Tue, Jul 16, 2019, at 2:54 PM, Sandeep Mopuri wrote:
> Thanks for the suggestions, made changes accordingly.
>
> On Tue, Jul 16, 2019 at 9:27 AM Satish Duggana
> wrote:
>
> > Hi Sandeep,
Thanks for the suggestions, made changes accordingly.
On Tue, Jul 16, 2019 at 9:27 AM Satish Duggana
wrote:
> Hi Sandeep,
> Thanks for the KIP, I have few comments below.
>
> >>“To take advantage of these custom algorithms, we want to support java
> security provider parameter in security config
Hi Sandeep,
Thanks for the KIP, I have few comments below.
>>“To take advantage of these custom algorithms, we want to support java
>>security provider parameter in security config. This param can be used by
>>kafka brokers or kafka clients(when connecting to the kafka brokers). The
>>security
Hello all,
I'd like to start a discussion thread for KIP-492.
This KIP plans on introducing a new security config parameter for a custom
security providers. Please take a look and let me know what do you think.
More information can be found here:
https://cwiki.apache.org/confluence/display/KAFKA/
11 matches
Mail list logo
