Search in sources :

Example 1 with ScramServerCallbackHandler

use of org.apache.kafka.common.security.scram.ScramServerCallbackHandler in project apache-kafka-on-k8s by banzaicloud.

the class SaslServerAuthenticator method createSaslServer.

private void createSaslServer(String mechanism) throws IOException {
    this.saslMechanism = mechanism;
    Subject subject = subjects.get(mechanism);
    if (!ScramMechanism.isScram(mechanism))
        callbackHandler = new SaslServerCallbackHandler(jaasContexts.get(mechanism));
    else
        callbackHandler = new ScramServerCallbackHandler(credentialCache.cache(mechanism, ScramCredential.class), tokenCache);
    callbackHandler.configure(configs, Mode.SERVER, subject, saslMechanism);
    if (mechanism.equals(SaslConfigs.GSSAPI_MECHANISM)) {
        saslServer = createSaslKerberosServer(callbackHandler, configs, subject);
    } else {
        try {
            saslServer = Subject.doAs(subject, new PrivilegedExceptionAction<SaslServer>() {

                public SaslServer run() throws SaslException {
                    return Sasl.createSaslServer(saslMechanism, "kafka", serverAddress().getHostName(), configs, callbackHandler);
                }
            });
        } catch (PrivilegedActionException e) {
            throw new SaslException("Kafka Server failed to create a SaslServer to interact with a client during session authentication", e.getCause());
        }
    }
}
Also used : ScramCredential(org.apache.kafka.common.security.scram.ScramCredential) ScramServerCallbackHandler(org.apache.kafka.common.security.scram.ScramServerCallbackHandler) PrivilegedActionException(java.security.PrivilegedActionException) PrivilegedExceptionAction(java.security.PrivilegedExceptionAction) SaslException(javax.security.sasl.SaslException) Subject(javax.security.auth.Subject)

Aggregations

PrivilegedActionException (java.security.PrivilegedActionException)1 PrivilegedExceptionAction (java.security.PrivilegedExceptionAction)1 Subject (javax.security.auth.Subject)1 SaslException (javax.security.sasl.SaslException)1 ScramCredential (org.apache.kafka.common.security.scram.ScramCredential)1 ScramServerCallbackHandler (org.apache.kafka.common.security.scram.ScramServerCallbackHandler)1