You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@kafka.apache.org by "Tim Lansbergen (JIRA)" <ji...@apache.org> on 2019/06/18 07:46:00 UTC

[jira] [Created] (KAFKA-8552) Use SASL authentication in ConfigCommand for connection to zookeeper

Tim Lansbergen created KAFKA-8552:
-------------------------------------

             Summary: Use SASL authentication in ConfigCommand for connection to zookeeper
                 Key: KAFKA-8552
                 URL: https://issues.apache.org/jira/browse/KAFKA-8552
             Project: Kafka
          Issue Type: Improvement
          Components: zkclient
    Affects Versions: 2.2.1
            Reporter: Tim Lansbergen


Currently we are using the kafka-configs script to create SCRAM users in zookeeper. I execute the following command on the machine:

*./kafka-configs --zookeeper _ip-adres_:2181 --alter --add-config 'SCRAM-SHA-256=[password=password]' --entity-type users --entity-name user123*

I would like to create users dynamically via a Java api. Since it is not possible to create SCRAM users via the KafkaAdminApi (please confirm?), I am now using the Kafka Scala class 'AdminZkClient' to create users the same as way as the ConfigCommand currently does. It looks like the AdminZkClient doesn't provide a way to authenticate against zookeeper using SASL. I'm currently connecting to zookeeper without authentication and this is a security issue. Is it possible to connect with the AdminZkClient with SASL authentication?

I'm aware of issue KAFKA-5722 which is an improvement to use the AdminClient in the ConfigCommand class so this issue might be a duplicate but I would like to know if it is possible to authenticate using SASL with the AdminZkClient.

Thanks!

 



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)