[
https://issues.apache.org/jira/browse/SPARK-26322?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16716610#comment-16716610
]
ASF GitHub Bot commented on SPARK-26322:
----------------------------------------
gaborgsomogyi commented on a change in pull request #23274: [SPARK-26322][SS]
Add spark.kafka.token.sasl.mechanism to ease delegation token configuration.
URL: https://github.com/apache/spark/pull/23274#discussion_r240522377
##########
File path: core/src/main/scala/org/apache/spark/internal/config/Kafka.scala
##########
@@ -79,4 +79,13 @@ private[spark] object Kafka {
"For further details please see kafka documentation. Only used to
obtain delegation token.")
.stringConf
.createOptional
+
+ val TOKEN_SASL_MECHANISM =
+ ConfigBuilder("spark.kafka.token.sasl.mechanism")
Review comment:
The `token` keyword is there for a reason (maybe it can be changed to
reflect the meaning better).
All in all there are 2 `sasl.mechanism` used:
* To obtain token, which is hardcoded to `GSSAPI` at the moment without user
parameter
* To authenticate the obtained token, which is this
To be consistent with the actual naming the first one would be
`spark.kafka.sasl.mechanism` and the second something else.
All in all if we think the naming structure can be changed.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
> Simplify kafka delegation token sasl.mechanism configuration
> ------------------------------------------------------------
>
> Key: SPARK-26322
> URL: https://issues.apache.org/jira/browse/SPARK-26322
> Project: Spark
> Issue Type: Improvement
> Components: Structured Streaming
> Affects Versions: 3.0.0
> Reporter: Gabor Somogyi
> Priority: Major
>
> When Kafka delegation token obtained, SCRAM sasl.mechanism has to be
> configured for authentication. This can be configured on the related
> source/sink which is inconvenient from user perspective. Such granularity is
> not required and this configuration can be implemented with one central
> parameter.
> Kafka now supports 2 SCRAM related sasl.mechanism:
> - SCRAM-SHA-256
> - SCRAM-SHA-512
> and these are configured on brokers, which makes this configuration global.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@spark.apache.org
For additional commands, e-mail: issues-h...@spark.apache.org
