You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@kafka.apache.org by Guillaume Grossetie <gr...@gmail.com> on 2016/09/08 09:17:48 UTC

Multiple active Kafka producers/consumers with users authentication

Hello,

I'm using Kafka 0.10+ with an SASL authentication on the client:

// kafka_client_jaas.conf
KafkaClient {
    org.apache.kafka.common.security.plain.PlainLoginModule required
    username="guillaume"
    password="secret";
};

Everything is working as expected and I want to use the same
authentication mechanism
in the Kafka REST Proxy.
As far as I know this is not yet implemented and in order to do that, each
request to the server will need to be authenticated.

A simple solution is to send a basic auth over HTTPS and to use this
username/password in the PlainLoginModule.

During my initial tests I found out that the LoginManager is cached [1] and
released only when the Kafka producer/consumer is closed. This means that I
can have only one authenticated Kafka producer/consumer (more specifically
one Kafka channel) active at a time.

Am I missing something ? How can I have multiple active Kafka
producers/consumers with different credentials ?


Thanks,
Guillaume

[1]
https://github.com/apache/kafka/blob/69ebf6f7be2fc0e471ebd5b7a166468017ff2651/clients/src/main/java/org/apache/kafka/common/security/authenticator/LoginManager.java#L35