public abstract class AbstractTokenLoginCallbackHandler extends Object implements org.apache.kafka.common.security.auth.AuthenticateCallbackHandler
CallbackHandler
for the OAuthLoginModule.
There are three cases which must be covered with Token based authentication.
1. Kafka client-side User/Password credential authentication
2. Kafka client-side Token credential authentication
3. Kafka client impersonation.
All three circumstances can be handled through the use of two callback handlers.
TokenUserBearerLoginCallbackHandler
for User/Password credential authentication.
TokenBearerLoginCallbackHandler
for Token credential authentication.
Any application with an valid Authentication Token may impersonate another user making
TokenBearerLoginCallbackHandler
suitable for scenario 3 as well.
This abstract class handles the common functionality between them leaving the
specifics up to the individual implementations.
Implementations should be explicitly set via the
sasl.login.callback.handler.class
configuration property
Constructor and Description |
---|
AbstractTokenLoginCallbackHandler() |
Modifier and Type | Method and Description |
---|---|
void |
close() |
abstract void |
configure(Map<String,?> configs) |
void |
configure(Map<String,?> configs,
String saslMechanism,
List<AppConfigurationEntry> jaasConfigEntries) |
void |
handle(Callback[] callbacks) |
public void configure(Map<String,?> configs, String saslMechanism, List<AppConfigurationEntry> jaasConfigEntries)
configure
in interface org.apache.kafka.common.security.auth.AuthenticateCallbackHandler
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException
handle
in interface CallbackHandler
IOException
UnsupportedCallbackException
public void close()
close
in interface org.apache.kafka.common.security.auth.AuthenticateCallbackHandler