You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@kafka.apache.org by Kalpesh Jadhav <ka...@citiustech.com> on 2016/04/01 16:14:02 UTC

RE: Java API for kafka-acls.sh

Hi Gerard,



I am using kerberised environment.



By providing below jass file:



KafkaClient {

com.sun.security.auth.module.Krb5LoginModule required

doNotPrompt=true

useTicketCache=true

principal="ctadmin@HSCALE.COM"

useKeyTab=true

serviceName="kafka"

keyTab="/etc/security/keytabs/ctadmin.keytab"

client=true;

};

Client {

   com.sun.security.auth.module.Krb5LoginModule required

   useKeyTab=true

   keyTab="/etc/security/keytabs/ctadmin.keytab"

   storeKey=true

   useTicketCache=true

   serviceName="zookeeper"

   principal="ctadmin@HSCALE.COM";

};



I can create kafka topic through java application.



Problem is, in same application when I tried to give acl, it throws zookeeper keeper exception.



String[] cmdPArm = {"--add", "--allow-principals", "user:ctadmin", "--operation", "ALL","--topic", topicName ,"--authorizer-properties", "zookeeper.connect={hostname}:2181 "};

AclCommand.main(cmdPArm);



Same code if I ran as a kafka user, by providing kafka own jass file it run properly.



Now I am not getting what mistake I am doing.

Because if there is, any  mistake in jass file then it should not allow me to create topic also, but it’s getting created.



Is there any debug steps, to crack this, or someone has face this issue.



Thanks,

------------------------------------------------

Kalpesh Jadhav

Sr. Software Engineer | Development







-----Original Message-----
From: Gerard Klijs [mailto:gerard.klijs@dizzit.com]
Sent: Thursday, March 31, 2016 9:30 PM
To: users@kafka.apache.org
Subject: Re: Java API for kafka-acls.sh



You could check what it does, and do that instead of relying in the script.

It runs the kafka.admin.AclCommand class with some properties, and sets some jvm settings.



On Thu, Mar 31, 2016 at 4:36 PM Kalpesh Jadhav < kalpesh.jadhav@citiustech.com<ma...@citiustech.com>> wrote:



> Hi,

>

> Is there any java api available to give access to kafka topic??

>

> As we does through kafka-acls.sh.

> Just wanted to run below command through java api.

>

> kafka-acls.sh --add --allow-principals user:ctadmin --operation ALL

> --topic marchTesting --authorizer-properties

> zookeeper.connect={hostname}:2181

>

> ------------------------------------------------

> Kalpesh Jadhav

> Sr. Software Engineer | Development

> CitiusTech Inc.

> www.citiustech.com<http://www.citiustech.com<http://www.citiustech.com%3chttp:/www.citiustech.com>>

>

>

>

>

>

>

>

>