You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@kafka.apache.org by Хлебалов Степан Иванович <St...@rt.ru> on 2020/01/20 10:51:44 UTC
kafka with sasl plaintext auth
Hello.
Can anyone explain me please what I'm doing wrong?
I'm trying to add sasl plaintext auth to kafka 2.2.2.
Configuration steps are below:
1. config/server.properties
sasl.enabled.mechanisms=PLAIN
security.inter.broker.protocol=SASL_PLAINTEXT
sasl.mechanism.inter.broker.protocol=PLAIN
listeners=SASL_PLAINTEXT://:9094
security.protocol=SASL_PLAINTEXT
2. config/kafka_server_jaas.conf
KafkaServer {
org.apache.kafka.common.security.plain.PlainLoginModule required
username="admin"
password="user-admin-secret"
user_admin="user-admin-secret"
user_alice="alice-secret";
};
3. /etc/systemd/system/kafka-2.2.2.service
[Unit]
Requires=zookeeper.service
After=zookeeper.service
[Service]
Type=simple
User=kafka
Group=kafka
Environment=KAFKA_OPTS=-Djava.security.auth.login.config=/opt/kafka_2.12-2.2.2/config/kafka_server_jaas.conf
ExecStart=/opt/kafka_2.12-2.2.2/bin/kafka-server-start.sh /opt/kafka_2.12-2.2.2/config/server.properties
ExecStop=/opt/kafka_2.12-2.2.2/bin/kafka-server-stop.sh
Restart=on-abnormal
[Install]
WantedBy=multi-user.target
4. config/kafka_client_jaas.conf
KafkaClient {
org.apache.kafka.common.security.plain.PlainLoginModule required
username="alice"
password="alice-secret";
};
5. bin/sasl-kafka-topics.sh
exec $(dirname $0)/kafka-run-class.sh -Djava.security.auth.login.config=$(dirname $0)/../config/kafka_client_jaas.conf kafka.admin.TopicCommand "$@"
After that when I'm trying to create topic with:
bin/sasl-kafka-topics.sh --create --bootstrap-server localhost:9094 --replication-factor 1 --partitions 1 --topic my-topic
I got an error:
kafka-server-start.sh[19311]: [2020-01-20 13:47:09,404] INFO [SocketServer brokerId=0] Failed authentication with /127.0.0.1 (Unexpected Kafka request of type METADATA during SASL handshake.) (org.apache.kafka.common.network.Selector)
What did I miss?
Thanks.