Class PlainSaslAuthenticator

java.lang.Object

io.confluent.kafka.server.plugins.auth.PlainSaslAuthenticator

Direct Known Subclasses:

FileBasedPlainSaslAuthenticator, TopicBasedPlainSaslAuthenticator

public abstract class PlainSaslAuthenticator
extends Object

Field Summary

Fields

Modifier and Type	Field	Description
static final String	USER_RESOURCE_ID

Constructor Summary

Constructors

Constructor	Description
PlainSaslAuthenticator(AuthAttemptCache successfulAuthCache, AuthAttemptCache failedAuthCache)

Method Summary

Modifier and Type	Method	Description
io.confluent.kafka.multitenant.MultiTenantPrincipal	authenticate(PlainSaslCredentials credentials)	Authenticate user by checking username, password, cluster id and network ID.
Optional<String>	clusterId(String username)
static String	configEntryOption(List<AppConfigurationEntry> configurationEntries, String key, String loginModuleName)
void	initialize(List<AppConfigurationEntry> jaasContextEntries)
static io.confluent.kafka.multitenant.MultiTenantPrincipal	multiTenantPrincipal(String username, io.confluent.kafka.server.plugins.auth.MultiTenantSaslConfigEntry userInfo)

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

USER_RESOURCE_ID

public static final String USER_RESOURCE_ID

See Also:

• Constant Field Values

Constructor Details

PlainSaslAuthenticator

public PlainSaslAuthenticator(AuthAttemptCache successfulAuthCache,
 AuthAttemptCache failedAuthCache)

Method Details

multiTenantPrincipal

public static io.confluent.kafka.multitenant.MultiTenantPrincipal multiTenantPrincipal(String username,
 io.confluent.kafka.server.plugins.auth.MultiTenantSaslConfigEntry userInfo)

authenticate

public io.confluent.kafka.multitenant.MultiTenantPrincipal authenticate(PlainSaslCredentials credentials)
                                                                 throws SaslException,
org.apache.kafka.common.errors.SaslAuthenticationException

Authenticate user by checking username, password, cluster id and network ID.

Parameters:

credentials - 'credentials' which includes username, password and information like sni hostname for authentication.

Returns:

MultiTenantPrincipal containing authorization id and tenant

Throws:

org.apache.kafka.common.errors.SaslAuthenticationException - if authentication fails. Note that the error string in the SaslAuthenticationException is returned to the client so do not leak information in it.

SaslException - if any unexpected errors are encountered

configEntryOption

public static String configEntryOption(List<AppConfigurationEntry> configurationEntries,
 String key,
 String loginModuleName)

clusterId

public Optional<String> clusterId(String username)
                           throws SaslException

Throws:

SaslException

initialize

void initialize(List<AppConfigurationEntry> jaasContextEntries)