[jira] [Comment Edited] (KAFKA-5764) KafkaShortnamer should allow for case inensitive matches

Mon, 28 Aug 2017 09:25:38 -0700 

    [ 
https://issues.apache.org/jira/browse/KAFKA-5764?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16143947#comment-16143947
 ] 

Ruslan Dautkhanov edited comment on KAFKA-5764 at 8/28/17 4:24 PM:
-------------------------------------------------------------------

Thank you [~dkaspar] for this information. 
Would be great if Kafka would optionally use hadoop.security.auth_to_local 
whenever available and fallback to sasl.kerberos.principal.to.local.rules if 
hadoop.security.auth_to_local isn't set.
We have so many components use hadoop.security.auth_to_local - including hdfs, 
yarn, hive, spark, impala and it seems that we would need to duplicate 
auth_to_local rules into Kafka config. We have a lot of rules in 
hadoop.security.auth_to_local so it would be much easier to maintain if it's in 
one place. thank you.

Edit: created KAFKA-5801. 


was (Author: tagar):
Thank you [~dkaspar] for this information. 
Would be great if Kafka would optionally use hadoop.security.auth_to_local 
whenever available and fallback to sasl.kerberos.principal.to.local.rules if 
hadoop.security.auth_to_local isn't set.
We have so many components use hadoop.security.auth_to_local - including hdfs, 
yarn, hive, spark, impala and it seems that we would need to duplicate 
auth_to_local rules into Kafka config. We have a lot of rules in 
hadoop.security.auth_to_local so it would be much easier to maintain if it's in 
one place.

> KafkaShortnamer should allow for case inensitive matches 
> ---------------------------------------------------------
>
>                 Key: KAFKA-5764
>                 URL: https://issues.apache.org/jira/browse/KAFKA-5764
>             Project: Kafka
>          Issue Type: Improvement
>          Components: security
>    Affects Versions: 0.11.0.0
>            Reporter: Ryan P
>
> Currently it does not appear that the KafkaShortnamer allows for case 
> insensitive search and replace rules. 
> It would be good to match the functionality provided by HDFS as operators are 
> familiar with this. This also makes it easier to port auth_to_local rules 
> from your existing hdfs configurations to your new kafka configuration. 
> HWX auth_to_local guide for reference
> https://community.hortonworks.com/articles/14463/auth-to-local-rules-syntax.html



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Reply via email to