kafka-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Manikumar <manikumar.re...@gmail.com>
Subject Re: Reg: ACLS
Date Mon, 12 Dec 2016 05:49:48 GMT
The default principal for Plaintext transport is  "ANONYMOUS".

On Sun, Dec 11, 2016 at 12:58 AM, BigData dev <bigdatadevguy@gmail.com>
wrote:

> Hi,
>
> bin/kafka-acls.sh --topic kafka-testtopic --add -allow-host 9.30.15.19
> --operation Write --authorizer-properties
> zookeeper.connect=hostname.abc.com:2181
>
> Below message I am getting.
> You must specify one of: --allow-principal, --deny-principal when
> trying to add ACLs.
>
> So, as kerberos is not enabled what will be the allow-principal value.
>
> Any information on this would be greatly helpful.
>
>
>
> Thanks
>
> On Sat, Dec 10, 2016 at 11:02 AM, BigData dev <bigdatadevguy@gmail.com>
> wrote:
>
> > Hi Ashish, Ismael
> > Thanks for Info.
> > So on Kafka Cluster (With out any security enabled) I can add ACLS with
> IP
> > address.
> > Is that correct?
> >
> >
> > Thanks,
> > Bharat
> >
> >
> > On Fri, Dec 9, 2016 at 11:14 AM, Ashish Singh <asingh@cloudera.com>
> wrote:
> >
> >> Ismael, thanks for the correction. I assumed the question was targeted
> for
> >> without any security enabled, but yea even then IP based auth is
> possible.
> >>
> >> On Fri, Dec 9, 2016 at 11:01 AM, Ismael Juma <ismael@juma.me.uk> wrote:
> >>
> >> > It is possible to use ACLs with IPs or other SASL mechanisms (PLAIN
> for
> >> > example). So Kerberos and SSL are not required (although commonly
> used).
> >> >
> >> > Ismael
> >> >
> >> > On Fri, Dec 9, 2016 at 6:59 PM, Ashish Singh <asingh@cloudera.com>
> >> wrote:
> >> >
> >> > > Hey,
> >> > >
> >> > > No it does not. Without kerberos or ssl, all requests will appear
to
> >> come
> >> > > from anonymous user, and as long as a user is not identified it is
> not
> >> > > possible to do authorization on.
> >> > >
> >> > > On Fri, Dec 9, 2016 at 10:40 AM, BigData dev <
> bigdatadevguy@gmail.com
> >> >
> >> > > wrote:
> >> > >
> >> > > > Hi All,
> >> > > > I have a question here, Does Kafka support ACL's with out
> >> kerberos/SSL?
> >> > > >
> >> > > > Any info on this would be greatly helpful.
> >> > > >
> >> > > >
> >> > > > Thanks
> >> > > >
> >> > >
> >> > >
> >> > >
> >> > > --
> >> > >
> >> > > Regards,
> >> > > Ashish
> >> > >
> >> >
> >>
> >>
> >>
> >> --
> >>
> >> Regards,
> >> Ashish
> >>
> >
> >
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message