[Verse 1]
Three guardians protect your streaming gate
TLS certificates for mutual handshake
Client proves its worth with cryptographic key
Server validates before you're running free
SCRAM-SHA-512 brings passwords to the dance
Salted hashing makes brute force lose its chance
[Chorus]
Auth-en-ti-cate, validate every connection
mTLS, SCRAM, OAuth for protection
Kafka-User custom resource defines the trust
Configure listeners, authentication's a must
Lock it down, verify the crown
Every client must prove their ground
[Verse 2]
OAuth twenty flows through modern gates
Keycloak, Azure, Okta validates
Bearer tokens carry digital proof
JSON Web signatures keep hackers aloof
Each listener binds to its chosen scheme
Multiple methods in one cluster's dream
[Chorus]
Auth-en-ti-cate, validate every connection
mTLS, SCRAM, OAuth for protection
Kafka-User custom resource defines the trust
Configure listeners, authentication's a must
Lock it down, verify the crown
Every client must prove their ground
[Bridge]
Certificate authority chains the mutual trust
Distinguished names in X-five-oh-nine dust
Username stored in Kubernetes secret space
SCRAM iterations slow the hacking race
Resource definitions declare who belongs
Strimzi orchestrates the authentication songs
[Verse 3]
Per-listener configs segment your access
Plain text, encrypted, each with its process
Client ID and secret for OAuth flow
OIDC discovery lets the tokens glow
Principal extraction maps the identity
Authorization waits for what's verified
[Final Chorus]
Auth-en-ti-cate, validate every connection
mTLS, SCRAM, OAuth for protection
Kafka-User custom resource defines the trust
Configure listeners, authentication's a must
Lock it down, verify the crown
Every client must prove their ground
Streaming secured, messages assured