Proven Provenzano created KAFKA-14881:
-----------------------------------------
Summary: Update UserScramCredentialRecord for SCRAM ZK to KRaft
migration
Key: KAFKA-14881
URL: https://issues.apache.org/jira/browse/KAFKA-14881
Project: Kafka
Issue Type: Improvement
Components: kraft
Affects Versions: 3.5.0
Reporter: Proven Provenzano
Assignee: Proven Provenzano
Fix For: 3.5.0
I want to support ZK to KRaft migration.
ZK stores a storedKey and a serverKey for each SCRAM credential not the
saltedPassword.
The storedKey and serverKey are a crypto hash of some data with the
saltedPassword and it is not possible to extract the saltedPassword from them.
The serverKey and storedKey are enough for SCRAM authentication and
saltedPassword is not needed.
I will update the UserScramCredentialRecord to store serverKey and storedKey
instead of saltedPassword and I will update that SCRAM is only supported with a
bumped version of IBP_3_5 so that there are no compatibility issues.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
