Package io.confluent.kafka.clients.plugins.auth.token

Class AbstractTokenLoginCallbackHandler

java.lang.Object

io.confluent.kafka.clients.plugins.auth.token.AbstractTokenLoginCallbackHandler

All Implemented Interfaces:

CallbackHandler, org.apache.kafka.common.security.auth.AuthenticateCallbackHandler

Direct Known Subclasses:

TokenBearerLoginCallbackHandler, TokenCertificateLoginCallbackHandler, TokenUserLoginCallbackHandler

public abstract class AbstractTokenLoginCallbackHandler
extends Object
implements org.apache.kafka.common.security.auth.AuthenticateCallbackHandler

An abstract CallbackHandler for the OAuthLoginModule. There are three cases which must be covered with Token based authentication. 1. Kafka client-side User/Password credential authentication 2. Kafka client-side Token credential authentication 3. Kafka client impersonation. All three circumstances can be handled through the use of two callback handlers. TokenUserLoginCallbackHandler for User/Password credential authentication. TokenBearerLoginCallbackHandler for Token credential authentication. Any application with an valid Authentication Token may impersonate another user making TokenBearerLoginCallbackHandler suitable for scenario 3 as well. TokenCertificateLoginCallbackHandler suitable for scenarios where we exchange, client certificates for a MDS issued token This abstract class handles the common functionality between them leaving the specifics up to the individual implementations.

Implementations should be explicitly set via the sasl.login.callback.handler.class configuration property

Constructor Summary

Constructors

Constructor	Description
AbstractTokenLoginCallbackHandler()

Method Summary

Modifier and Type	Method	Description
void	close()
abstract void	configure(Map<String,?> configs)
void	configure(Map<String,?> configs, String saslMechanism, List<AppConfigurationEntry> jaasConfigEntries)
void	handle(Callback[] callbacks)
abstract void	validateHaveCredentials(Map<String,String> moduleOptions, Map<String,?> configs)

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

AbstractTokenLoginCallbackHandler

public AbstractTokenLoginCallbackHandler()

Method Details

configure

public abstract void configure(Map<String,?> configs)

configure

public void configure(Map<String,?> configs,
 String saslMechanism,
 List<AppConfigurationEntry> jaasConfigEntries)

Specified by:

configure in interface org.apache.kafka.common.security.auth.AuthenticateCallbackHandler

handle

public void handle(Callback[] callbacks)
            throws IOException,
UnsupportedCallbackException

Specified by:

handle in interface CallbackHandler

Throws:

IOException

UnsupportedCallbackException

close

public void close()

Specified by:

close in interface org.apache.kafka.common.security.auth.AuthenticateCallbackHandler

validateHaveCredentials

public abstract void validateHaveCredentials(Map<String,String> moduleOptions,
 Map<String,?> configs)
                                      throws org.apache.kafka.common.config.ConfigException

Throws:

org.apache.kafka.common.config.ConfigException