You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@ranger.apache.org by "Ronald van de Kuil (JIRA)" <ji...@apache.org> on 2017/10/20 06:07:00 UTC

[jira] [Commented] (RANGER-1847) Ranger Kafka Plugin sasl.enabled.mechanisms=PLAIN

    [ https://issues.apache.org/jira/browse/RANGER-1847?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16212230#comment-16212230 ] 

Ronald van de Kuil commented on RANGER-1847:
--------------------------------------------

I think that the relevant settings in the kafka server are: 

listeners=SASL_PLAINTEXT://:9092
security.inter.broker.protocol=SASL_PLAINTEXT
sasl.mechanism.inter.broker.protocol=PLAIN
sasl.enabled.mechanisms=PLAIN
authorizer.class.name=org.apache.ranger.authorization.kafka.authorizer.RangerKafkaAuthorizer
super.users=User:kafka
allow.everyone.if.no.acl.found=false

> Ranger Kafka Plugin sasl.enabled.mechanisms=PLAIN
> -------------------------------------------------
>
>                 Key: RANGER-1847
>                 URL: https://issues.apache.org/jira/browse/RANGER-1847
>             Project: Ranger
>          Issue Type: Test
>          Components: plugins
>    Affects Versions: 0.6.3, 0.7.1
>         Environment: ubuntu stand-alone hobby environment
>            Reporter: Ronald van de Kuil
>            Priority: Minor
>
> I am such a NOOB hobby-ing away. And I like it. ;)
> I figured I would give it a try to setup Kafka to use the sasl.enabled.mechanisms of type PLAIN with ranger to do the authorisation and the auditing (instead of GSSAPI).
> I got it to work pretty far. KafkaServer gets into state SaslAuthenticated with Zookeeper. 
> Next it loads the ranger kafka plugin. Then the RangerKafkaAuthorizer complains about Kerberos. 
> I am not sure how to classify this issue. 



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)