I think it is fine to break the password store to an interface in a separate KIP. I actually love the idea of smaller KIPs dealing with more specific functionality. I just wasn't clear why it was rejected.
Thank you for clarifying. I'm happy with current proposal. Gwen On Mon, Oct 10, 2016 at 2:17 AM, Rajini Sivaram <rajinisiva...@googlemail.com> wrote: > Gwen, > > Thank you for reviewing the KIP. > > There has been interest in making the password verification in SASL/PLAIN > more pluggable. So I think it makes sense to have a pluggable interface > that can be adopted for any SASL mechanism rather than just SCRAM. With the > current proposal, you can plugin another Scram SaslServer implementation > with a different password store. This is similar to the current SASL/PLAIN > implementation. > > I agree that it will be good to make password stores more pluggable rather > than require users to override the whole SaslServer. I was going to look > into this later, but I can do it as part of this KIP. Will update the KIP > with a pluggable interface. > > Thank you, > > Rajini > > > On Fri, Oct 7, 2016 at 11:37 PM, Gwen Shapira <g...@confluent.io> wrote: > >> Can you talk more about rejecting the option of making the password >> store pluggable? I am a bit uncomfortable with making ZK the one and >> only password store... >> >> On Tue, Oct 4, 2016 at 6:43 AM, Rajini Sivaram >> <rajinisiva...@googlemail.com> wrote: >> > Hi all, >> > >> > I have just created KIP-84 to add SCRAM-SHA-1 and SCRAM-SHA-256 SASL >> > mechanisms to Kafka: >> > >> > https://cwiki.apache.org/confluence/display/KAFKA/KIP- >> 84%3A+Support+SASL+SCRAM+mechanisms >> > >> > >> > Comments and suggestions are welcome. >> > >> > Thank you... >> > >> > Regards, >> > >> > Rajini >> >> >> >> -- >> Gwen Shapira >> Product Manager | Confluent >> 650.450.2760 | @gwenshap >> Follow us: Twitter | blog >> > > > > -- > Regards, > > Rajini -- Gwen Shapira Product Manager | Confluent 650.450.2760 | @gwenshap Follow us: Twitter | blog
