Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: support SaslHandshakeRequest v1 #1354

Merged
merged 1 commit into from
Apr 26, 2019
Merged

feat: support SaslHandshakeRequest v1 #1354

merged 1 commit into from
Apr 26, 2019

Conversation

dnwe
Copy link
Collaborator

@dnwe dnwe commented Apr 10, 2019
edited
Loading

If SaslHandshakeRequest version is v0, a series of SASL client and
server tokens corresponding to the mechanism are sent as opaque packets
without wrapping the messages with Kafka protocol headers. If
SaslHandshakeRequest version is v1, the SaslAuthenticate
request/response are used, where the actual SASL tokens are wrapped in
the Kafka protocol. The error code in the final message from the broker
will indicate if authentication succeeded or failed.

References:
https://kafka.apache.org/protocol#sasl_handshake
https://kafka.apache.org/protocol#The_Messages_SaslHandshake
https://kafka.apache.org/protocol#The_Messages_SaslAuthenticate

@dnwe
feat: support SaslHandshakeRequest v1
ee8eed6 
> If SaslHandshakeRequest version is v0, a series of SASL client and
> server tokens corresponding to the mechanism are sent as opaque packets
> without wrapping the messages with Kafka protocol headers. If
> SaslHandshakeRequest version is v1, the SaslAuthenticate
> request/response are used, where the actual SASL tokens are wrapped in
> the Kafka protocol. The error code in the final message from the broker
> will indicate if authentication succeeded or failed.

References:
  https://kafka.apache.org/protocol#sasl_handshake
  https://kafka.apache.org/protocol#The_Messages_SaslHandshake
  https://kafka.apache.org/protocol#The_Messages_SaslAuthenticate

Signed-off-by: Dominic Evans <[email protected]>
mimaison
mimaison approved these changes Apr 25, 2019
View reviewed changes
Copy link
Contributor

@mimaison mimaison left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@mimaison
Copy link
Contributor

@bai can you take a look?
This is a very interesting change as this allows clients using SASL Plain to get a meaningful message in case of an authentication failure.

@bai
Copy link
Contributor

bai commented Apr 26, 2019

Many thanks! (And thanks for poking me!) 💯

@bai bai merged commit 6685e50 into IBM:master Apr 26, 2019
@dnwe dnwe deleted the sasl branch April 26, 2019 10:25
@dnwe dnwe mentioned this pull request Jul 3, 2019
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mimaison mimaison mimaison approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@dnwe @mimaison @bai