@@ -659,19 +659,18 @@ Spark supports the following ways to authenticate against Kafka cluster:
659659
660660 Spark supports the following authentication protocols to obtain token:
661661 - ** SASL SSL (default)** : With ` GSSAPI ` mechanism Kerberos used for authentication and SSL for encryption.
662- - ** SSL** : It's leveraging a capability from SSL called 2-way authentication. The server authenticate
662+ - ** SSL** : It's leveraging a capability from SSL called 2-way authentication. The server authenticates
663663 clients through certificates. Please note 2-way authentication must be enabled on Kafka brokers.
664664 - ** SASL PLAINTEXT (for testing)** : With ` GSSAPI ` mechanism Kerberos used for authentication but
665665 because there is no encryption it's only for testing purposes.
666666
667- After delegation token successfully obtained Spark spreads it across nodes and renews it accordingly.
667+ After obtaining delegation token successfully, Spark spreads it across nodes and renews it accordingly.
668668 Delegation token uses ` SCRAM ` login module for authentication.
669669
670- When delegation token is available for example on an executor it can be overridden with JAAS login
671- configuration.
672- - ** JAAS login configuration** : JAAS login configuration must be created and transferred to all
673- nodes where Spark tries to access Kafka cluster. This provides the possibility to apply any
674- custom authentication logic with a higher cost to maintain. This can be done several ways.
670+ When delegation token is available on an executor it can be overridden with JAAS login configuration.
671+ - ** JAAS login configuration** : JAAS login configuration must placed on all nodes where Spark
672+ tries to access Kafka cluster. This provides the possibility to apply any custom authentication
673+ logic with a higher cost to maintain. This can be done several ways.
675674 One possibility is to provide additional JVM parameters, such as,
676675
677676 ./bin/spark-submit \
0 commit comments