Open rtclauss opened 2 years ago
When using IBM EventStreams/Kafka the authentication mechanism is via username/password using the PLAIN SASL Mechanism. This can be partially seen in microprofile-config.properties:
PLAIN
microprofile-config.properties
... mp.messaging.connector.liberty-kafka.sasl.mechanism=PLAIN ... mp.messaging.connector.liberty-kafka.sasl.jaas.config=default-value
However, Amazon MSK uses a different set of SASL mechanisms as outlined below:
... mp.messaging.connector.liberty-kafka.sasl.mechanism=SCRAM-SHA-512 mp.messaging.connector.liberty-kafka.sasl.jaas.config=org.apache.kafka.common.security.scram.ScramLoginModule required ... #mp.messaging.connector.liberty-kafka.sasl.jaas.config=default-value
Azure Event Hubs can make use of the same, PLAIN, configuration or it can use OAUTHBEARER tokens with callback.
OAUTHBEARER
bootstrap.servers=NAMESPACENAME.servicebus.windows.net:9093 security.protocol=SASL_SSL sasl.mechanism=OAUTHBEARER sasl.jaas.config=org.apache.kafka.common.security.oauthbearer.OAuthBearerLoginModule required; sasl.login.callback.handler.class=CustomAuthenticateCallbackHandler;
We need a generic mechanism to specify the SASL configuration for Kafka.
Related issue in portfolio
portfolio
Maybe make the SASL_MECHANISM and JAAS class environment variables/secrets?
When using IBM EventStreams/Kafka the authentication mechanism is via username/password using the
PLAIN
SASL Mechanism. This can be partially seen inmicroprofile-config.properties
:However, Amazon MSK uses a different set of SASL mechanisms as outlined below:
Azure Event Hubs can make use of the same,
PLAIN
, configuration or it can useOAUTHBEARER
tokens with callback.We need a generic mechanism to specify the SASL configuration for Kafka.