kt icon indicating copy to clipboard operation
kt copied to clipboard
verified publisher icon fgeller

add basic sasl_ssl support:

Open naude-r opened this issue 1 year ago • 1 comments

  • add security_protocol to authConfig. a single value, SASL_SSL, is supported for now. this allows one to enable TLS support
  • add sasl_mechanism to authConfig. currently we check for PLAIN and SCRAM-SHA256/SCRAM-SHA512
  • setupAuthTLS can now handle both client certs and the old "1 way" setup

naude-r avatar Apr 05 '24 13:04 naude-r

Very nice! I just ran across a case where I needed this, and implemented it myself without checking for open PRs first. Shame on me.

Some improvements I might suggest:

  • Add a block to README.md describing the required fields and their permitted values for this auth mode
  • Use the same spelling as sarama for the auth mechanisms, e.g. SCRAM-SHA-256 instead of SCRAM-SHA256. This could reduce friction for users following examples written for librdkafka.

@fgeller This would be very nice to have merged.

jvansanten avatar Apr 24 '24 11:04 jvansanten