You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@kafka.apache.org by cs user <ac...@gmail.com> on 2016/07/15 10:50:29 UTC
Enabling PLAINTEXT inter broker security
Hi All,
I'm dipping my toes into kafka security, I'm following the guide here:
http://kafka.apache.org/documentation.html#security_sasl_plain_brokerconfig
and http://kafka.apache.org/documentation.html#security_sasl_brokerconfig
My jaas config file looks like:
KafkaServer {
org.apache.kafka.common.security.plain.PlainLoginModule required
username="admin"
password="admin-secret"
user_admin="admin-secret"
user_alice="alice-secret";
};
I pass the following to kafka on startup to load the above in:
-Djava.security.auth.login.config=/etc/kafka/kafka_server_jaas.conf
I'm using the following for my broker settings, using PLAINTEXT throughout:
listeners=SASL_PLAINTEXT://host.name:port
security.inter.broker.protocol=SASL_SSL
sasl.mechanism.inter.broker.protocol=PLAIN
sasl.enabled.mechanisms=PLAIN
However when kafka starts up I get the following error message:
Caused by: javax.security.auth.login.LoginException: unable to find
LoginModule class: org.apache.kafka.common.security.plain.PlainLoginModule
Any idea why I would be getting this error?
Thanks!
Re: Enabling PLAINTEXT inter broker security
Posted by cs user <ac...@gmail.com>.
Just to follow on from this, what is the difference between these two
broker parameters?
listeners Listener List - Comma-separated list of URIs we will listen on
and their protocols. Specify hostname as 0.0.0.0 to bind to all interfaces.
Leave hostname empty to bind to default interface. Examples of legal
listener lists: PLAINTEXT://myhost:9092,TRACE://:9091 PLAINTEXT://
0.0.0.0:9092, TRACE://localhost:9093
port the port to listen and accept connections on
Can I set both the following? Does it make sense?
listeners=SASL_PLAINTEXT://:9092
port=9092
On Fri, Jul 15, 2016 at 12:26 PM, cs user <ac...@gmail.com> wrote:
> Yep, tried 0.10.0.0, all working fine :-)
>
> I was using 0.9.
>
> Apologies for the spam!
>
> On Fri, Jul 15, 2016 at 12:05 PM, Manikumar Reddy <
> manikumar.reddy@gmail.com> wrote:
>
>> Hi,
>>
>> Which Kafka version you are using?
>> SASL/PLAIN support is available from Kafka 0.10.0.0 release onwards.
>>
>>
>> Thanks
>> Manikumar
>>
>> On Fri, Jul 15, 2016 at 4:22 PM, cs user <ac...@gmail.com> wrote:
>>
>> > Apologies, just to me clear, my broker settings are actually as below,
>> > using PLAINTEXT throughout
>> >
>> > listeners=SASL_PLAINTEXT://host.name:port
>> > security.inter.broker.protocol=SASL_PLAINTEXT
>> > sasl.mechanism.inter.broker.protocol=PLAIN
>> > sasl.enabled.mechanisms=PLAIN
>> >
>> >
>> > On Fri, Jul 15, 2016 at 11:50 AM, cs user <ac...@gmail.com> wrote:
>> >
>> > > Hi All,
>> > >
>> > > I'm dipping my toes into kafka security, I'm following the guide here:
>> > >
>> >
>> http://kafka.apache.org/documentation.html#security_sasl_plain_brokerconfig
>> > > and
>> > http://kafka.apache.org/documentation.html#security_sasl_brokerconfig
>> > >
>> > > My jaas config file looks like:
>> > >
>> > > KafkaServer {
>> > > org.apache.kafka.common.security.plain.PlainLoginModule
>> required
>> > > username="admin"
>> > > password="admin-secret"
>> > > user_admin="admin-secret"
>> > > user_alice="alice-secret";
>> > > };
>> > >
>> > > I pass the following to kafka on startup to load the above in:
>> > >
>> > > -Djava.security.auth.login.config=/etc/kafka/kafka_server_jaas.conf
>> > >
>> > >
>> > > I'm using the following for my broker settings, using PLAINTEXT
>> > throughout:
>> > >
>> > > listeners=SASL_PLAINTEXT://host.name:port
>> > > security.inter.broker.protocol=SASL_SSL
>> > > sasl.mechanism.inter.broker.protocol=PLAIN
>> > > sasl.enabled.mechanisms=PLAIN
>> > >
>> > >
>> > >
>> > > However when kafka starts up I get the following error message:
>> > >
>> > > Caused by: javax.security.auth.login.LoginException: unable to find
>> > > LoginModule class:
>> > org.apache.kafka.common.security.plain.PlainLoginModule
>> > >
>> > > Any idea why I would be getting this error?
>> > >
>> > > Thanks!
>> > >
>> >
>>
>
>
Re: Enabling PLAINTEXT inter broker security
Posted by cs user <ac...@gmail.com>.
Yep, tried 0.10.0.0, all working fine :-)
I was using 0.9.
Apologies for the spam!
On Fri, Jul 15, 2016 at 12:05 PM, Manikumar Reddy <manikumar.reddy@gmail.com
> wrote:
> Hi,
>
> Which Kafka version you are using?
> SASL/PLAIN support is available from Kafka 0.10.0.0 release onwards.
>
>
> Thanks
> Manikumar
>
> On Fri, Jul 15, 2016 at 4:22 PM, cs user <ac...@gmail.com> wrote:
>
> > Apologies, just to me clear, my broker settings are actually as below,
> > using PLAINTEXT throughout
> >
> > listeners=SASL_PLAINTEXT://host.name:port
> > security.inter.broker.protocol=SASL_PLAINTEXT
> > sasl.mechanism.inter.broker.protocol=PLAIN
> > sasl.enabled.mechanisms=PLAIN
> >
> >
> > On Fri, Jul 15, 2016 at 11:50 AM, cs user <ac...@gmail.com> wrote:
> >
> > > Hi All,
> > >
> > > I'm dipping my toes into kafka security, I'm following the guide here:
> > >
> >
> http://kafka.apache.org/documentation.html#security_sasl_plain_brokerconfig
> > > and
> > http://kafka.apache.org/documentation.html#security_sasl_brokerconfig
> > >
> > > My jaas config file looks like:
> > >
> > > KafkaServer {
> > > org.apache.kafka.common.security.plain.PlainLoginModule
> required
> > > username="admin"
> > > password="admin-secret"
> > > user_admin="admin-secret"
> > > user_alice="alice-secret";
> > > };
> > >
> > > I pass the following to kafka on startup to load the above in:
> > >
> > > -Djava.security.auth.login.config=/etc/kafka/kafka_server_jaas.conf
> > >
> > >
> > > I'm using the following for my broker settings, using PLAINTEXT
> > throughout:
> > >
> > > listeners=SASL_PLAINTEXT://host.name:port
> > > security.inter.broker.protocol=SASL_SSL
> > > sasl.mechanism.inter.broker.protocol=PLAIN
> > > sasl.enabled.mechanisms=PLAIN
> > >
> > >
> > >
> > > However when kafka starts up I get the following error message:
> > >
> > > Caused by: javax.security.auth.login.LoginException: unable to find
> > > LoginModule class:
> > org.apache.kafka.common.security.plain.PlainLoginModule
> > >
> > > Any idea why I would be getting this error?
> > >
> > > Thanks!
> > >
> >
>
Re: Enabling PLAINTEXT inter broker security
Posted by Manikumar Reddy <ma...@gmail.com>.
Hi,
Which Kafka version you are using?
SASL/PLAIN support is available from Kafka 0.10.0.0 release onwards.
Thanks
Manikumar
On Fri, Jul 15, 2016 at 4:22 PM, cs user <ac...@gmail.com> wrote:
> Apologies, just to me clear, my broker settings are actually as below,
> using PLAINTEXT throughout
>
> listeners=SASL_PLAINTEXT://host.name:port
> security.inter.broker.protocol=SASL_PLAINTEXT
> sasl.mechanism.inter.broker.protocol=PLAIN
> sasl.enabled.mechanisms=PLAIN
>
>
> On Fri, Jul 15, 2016 at 11:50 AM, cs user <ac...@gmail.com> wrote:
>
> > Hi All,
> >
> > I'm dipping my toes into kafka security, I'm following the guide here:
> >
> http://kafka.apache.org/documentation.html#security_sasl_plain_brokerconfig
> > and
> http://kafka.apache.org/documentation.html#security_sasl_brokerconfig
> >
> > My jaas config file looks like:
> >
> > KafkaServer {
> > org.apache.kafka.common.security.plain.PlainLoginModule required
> > username="admin"
> > password="admin-secret"
> > user_admin="admin-secret"
> > user_alice="alice-secret";
> > };
> >
> > I pass the following to kafka on startup to load the above in:
> >
> > -Djava.security.auth.login.config=/etc/kafka/kafka_server_jaas.conf
> >
> >
> > I'm using the following for my broker settings, using PLAINTEXT
> throughout:
> >
> > listeners=SASL_PLAINTEXT://host.name:port
> > security.inter.broker.protocol=SASL_SSL
> > sasl.mechanism.inter.broker.protocol=PLAIN
> > sasl.enabled.mechanisms=PLAIN
> >
> >
> >
> > However when kafka starts up I get the following error message:
> >
> > Caused by: javax.security.auth.login.LoginException: unable to find
> > LoginModule class:
> org.apache.kafka.common.security.plain.PlainLoginModule
> >
> > Any idea why I would be getting this error?
> >
> > Thanks!
> >
>
Re: Enabling PLAINTEXT inter broker security
Posted by cs user <ac...@gmail.com>.
Apologies, just to me clear, my broker settings are actually as below,
using PLAINTEXT throughout
listeners=SASL_PLAINTEXT://host.name:port
security.inter.broker.protocol=SASL_PLAINTEXT
sasl.mechanism.inter.broker.protocol=PLAIN
sasl.enabled.mechanisms=PLAIN
On Fri, Jul 15, 2016 at 11:50 AM, cs user <ac...@gmail.com> wrote:
> Hi All,
>
> I'm dipping my toes into kafka security, I'm following the guide here:
> http://kafka.apache.org/documentation.html#security_sasl_plain_brokerconfig
> and http://kafka.apache.org/documentation.html#security_sasl_brokerconfig
>
> My jaas config file looks like:
>
> KafkaServer {
> org.apache.kafka.common.security.plain.PlainLoginModule required
> username="admin"
> password="admin-secret"
> user_admin="admin-secret"
> user_alice="alice-secret";
> };
>
> I pass the following to kafka on startup to load the above in:
>
> -Djava.security.auth.login.config=/etc/kafka/kafka_server_jaas.conf
>
>
> I'm using the following for my broker settings, using PLAINTEXT throughout:
>
> listeners=SASL_PLAINTEXT://host.name:port
> security.inter.broker.protocol=SASL_SSL
> sasl.mechanism.inter.broker.protocol=PLAIN
> sasl.enabled.mechanisms=PLAIN
>
>
>
> However when kafka starts up I get the following error message:
>
> Caused by: javax.security.auth.login.LoginException: unable to find
> LoginModule class: org.apache.kafka.common.security.plain.PlainLoginModule
>
> Any idea why I would be getting this error?
>
> Thanks!
>