kafka-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From BigData dev <bigdatadev...@gmail.com>
Subject Reg: Kafka ACLS
Date Wed, 25 Jan 2017 21:08:12 GMT
Hi,
I have a question, can we use Kafka ACL's with only SASL/PLAIN mechanism.
Because after I enabled, still I am able to produce/consume from topics.

And one more observation is in kafka-_jaas.conf, there is no client
section, will get an WARN as below, as we dont have this kind of mechanisim
with zookeeper.  Just want to confirm is this expected?

*WARN SASL configuration failed: javax.security.auth.login.LoginException:
No JAAS configuration section named 'Client' was found in specified JAAS
configuration file: '/usr/iop/current/kafka-broker/conf/kafka_jaas.conf'.
Will continue connection to Zookeeper server without SASL authentication,
if Zookeeper server allows it. (org.apache.zookeeper.ClientCnxn)*

KafkaClient {

org.apache.kafka.common.security.plain.PlainLoginModule required

username="alice"

password="alice-secret";

};


KafkaServer {

org.apache.kafka.common.security.plain.PlainLoginModule required

username="admin"

password="admin-secret"

user_admin="admin-secret"

user_alice="alice-secret";

};


I see recommended is SASL/PLAIN with SSL, just can we use only SASL/PLAIN
mechanisim with ACLS?

Thanks

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message