You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@camel.apache.org by "Claus Ibsen (JIRA)" <ji...@apache.org> on 2019/08/06 13:09:00 UTC

[jira] [Updated] (CAMEL-12596) Camel-Kafka security protocol SASL_PLAINTEXT not supported

     [ https://issues.apache.org/jira/browse/CAMEL-12596?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Claus Ibsen updated CAMEL-12596:
--------------------------------
    Fix Version/s: Future

> Camel-Kafka security protocol SASL_PLAINTEXT not supported
> ----------------------------------------------------------
>
>                 Key: CAMEL-12596
>                 URL: https://issues.apache.org/jira/browse/CAMEL-12596
>             Project: Camel
>          Issue Type: Improvement
>          Components: camel-kafka
>    Affects Versions: 2.21.1
>         Environment: * ActiveMQ v5.15.4
>  * Camel:2.21.1
>  * Kafka Clients: 1.1.0
>  * Server Version: Apache/2.4.6(CentOS)
>            Reporter: Lizuca Mihaescu
>            Priority: Major
>             Fix For: Future
>
>         Attachments: camel.xml, camel.xml
>
>
> I need to route ActiveMQ messages to Kafka(Cloudera) through Camel using authentication protocol Kerberos.
>  
> Kafka Security documentation states that it only supports *SASL_PLAINTEXT* and *SASL_SSL* for Kerberos: [https://www.cloudera.com/documentation/kafka/2-0-x/topics/kafka_security.html]
>  
> | ** |*SSL*|*Kerberos*|
> |PLAINTEXT|No|No|
> |SSL|Yes|No|
> |SASL_PLAINTEXT|No|Yes|
> |SASL_SSL|Yes|Yes|
>  
>  
>  
> On the other hand when I try to use *SASL_PLAINTEXT* for security protocol in Camel I am getting an error during the ActiveMQ starting. As a result ActiveMQ will not start.
>  
> I took the latest Camel code from: [https://github.com/apache/camel.git] and it states that it only supports *SSL* and *PLAINTEXT* as security protocols values.
>  
> | *securityProtocol* (security) | Protocol used to communicate with brokers. Currently only PLAINTEXT and SSL are supported. | PLAINTEXT | String
>  
>  
> I did find this solved issue: [https://access.redhat.com/solutions/3364871] but I did not find any evidence that this is working in the latest Camel version.
>  
> My Camel setup fragment is:
> {code:java}
> <log message="Started The Producer Route" /><to uri="kafka://10.100.70.00:9092?topic=MyEvents.s1.v1&amp;brokers=10.100.70.00:9092&amp;requestTimeoutMs=305000&amp;retries=3&amp;keySerializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&amp;saslMechanism=GSSAPI&amp;serializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&amp;securityProtocol=SASL_PLAINTEXT&amp;saslKerberosServiceName=kafka"/>{code}
>  
> I am using an external Jaas configuration file:
> {code:java}
> KafkaClient {
>     com.sun.security.auth.module.Krb5LoginModule required
>     useKeyTab=true
>     storeKey=true
>     keyTab="./user.keytab"
>     useTicketCache=false
>     serviceName="kafka"
>     principal=" Group/user@DOMAIN.LAN";
> };{code}
> Why Camel does not support *SASL_PLAINTEXT* *and* *SASL_SSL*?
>  
> Please help me this is *VERY IMPORTANT* for the project I am working on and this issue is considered a blocker. I am also an experienced Java programmer and I am willing to contribute if necessary to the open source code for such implementation if the need may be.



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)