We use Sarama Kafka client https://github.com/IBM/sarama. It uses this library for Kerberos.
Sarama allows setting a dialer, we want to use it also for Kerberos authentication.
We use a TCP proxy, so changes are only relevant for TCP. This is tested and confirmed to work.
UDP proxy support can be added separately (we cannot test it with our systems, so I cannot add it here).
We have a following setup of our customer:
We use Sarama Kafka client https://github.com/IBM/sarama. It uses this library for Kerberos. Sarama allows setting a dialer, we want to use it also for Kerberos authentication.
We use a TCP proxy, so changes are only relevant for TCP. This is tested and confirmed to work. UDP proxy support can be added separately (we cannot test it with our systems, so I cannot add it here).
The PR is https://github.com/jcmturner/gokrb5/pull/547.