Enum Class OrgResourceIdValidationMode

java.lang.Object
java.lang.Enum<OrgResourceIdValidationMode>
io.confluent.kafka.server.plugins.auth.OrgResourceIdValidationMode
All Implemented Interfaces:
Serializable, Comparable<OrgResourceIdValidationMode>, Constable

public enum OrgResourceIdValidationMode extends Enum<OrgResourceIdValidationMode>
Enum class that represents different modes of organization resource ID validation in the authenticator.

none: No organization verification is performed, even for Universal API Keys (UAKs). LKC resolution still occurs for UAKs, but org matching is skipped.

uak_only: Organization verification is performed only for Universal API Keys. Regular LKC-scoped API keys skip org verification (they use SNI-based LKC validation instead).

This mode can be configured through the JAAS config for TopicBasedPlainSaslAuthenticator.

  • Enum Constant Details

  • Field Details

  • Method Details

    • values

      public static OrgResourceIdValidationMode[] values()
      Returns an array containing the constants of this enum class, in the order they are declared.
      Returns:
      an array containing the constants of this enum class, in the order they are declared
    • valueOf

      public static OrgResourceIdValidationMode valueOf(String name)
      Returns the enum constant of this class with the specified name. The string must match exactly an identifier used to declare an enum constant in this class. (Extraneous whitespace characters are not permitted.)
      Parameters:
      name - the name of the enum constant to be returned.
      Returns:
      the enum constant with the specified name
      Throws:
      IllegalArgumentException - if this enum class has no constant with the specified name
      NullPointerException - if the argument is null
    • fromString

      public static OrgResourceIdValidationMode fromString(String text)
    • getText

      public String getText()
    • shouldVerifyOrg

      public abstract boolean shouldVerifyOrg(boolean isUniversalApiKey)
      Determine if organization verification should be performed based on the key type.
      Parameters:
      isUniversalApiKey - true if the API key is a Universal API Key (org-scoped), false if it's a regular LKC-scoped key
      Returns:
      true if org verification should be performed, false otherwise