[jira] [Commented] (CAMEL-12596) Camel-Kafka security protocol SASL_PLAINTEXT not supported
[
https://issues.apache.org/jira/browse/CAMEL-12596?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16531074#comment-16531074
]
Lizuca Mihaescu commented on CAMEL-12596:
-
Thank you both :). I am going to check the Red Hat to find someone.
In the mean time I will try simpler setups, step by step as suggested. It is
true I've tried to achieve to much :(
Please keep this issue for further investigation.
> Camel-Kafka security protocol SASL_PLAINTEXT not supported
> --
>
> Key: CAMEL-12596
> URL: https://issues.apache.org/jira/browse/CAMEL-12596
> Project: Camel
> Issue Type: Improvement
> Components: camel-kafka
>Affects Versions: 2.21.1
> Environment: * ActiveMQ v5.15.4
> * Camel:2.21.1
> * Kafka Clients: 1.1.0
> * Server Version: Apache/2.4.6(CentOS)
>Reporter: Lizuca Mihaescu
>Priority: Major
> Attachments: camel.xml, camel.xml
>
>
> I need to route ActiveMQ messages to Kafka(Cloudera) through Camel using
> authentication protocol Kerberos.
>
> Kafka Security documentation states that it only supports *SASL_PLAINTEXT*
> and *SASL_SSL* for Kerberos:
> [https://www.cloudera.com/documentation/kafka/2-0-x/topics/kafka_security.html]
>
> | ** |*SSL*|*Kerberos*|
> |PLAINTEXT|No|No|
> |SSL|Yes|No|
> |SASL_PLAINTEXT|No|Yes|
> |SASL_SSL|Yes|Yes|
>
>
>
> On the other hand when I try to use *SASL_PLAINTEXT* for security protocol in
> Camel I am getting an error during the ActiveMQ starting. As a result
> ActiveMQ will not start.
>
> I took the latest Camel code from: [https://github.com/apache/camel.git] and
> it states that it only supports *SSL* and *PLAINTEXT* as security protocols
> values.
>
> | *securityProtocol* (security) | Protocol used to communicate with brokers.
> Currently only PLAINTEXT and SSL are supported. | PLAINTEXT | String
>
>
> I did find this solved issue: [https://access.redhat.com/solutions/3364871]
> but I did not find any evidence that this is working in the latest Camel
> version.
>
> My Camel setup fragment is:
> {code:java}
> uri="kafka://10.100.70.00:9092?topic=MyEvents.s1.v1&brokers=10.100.70.00:9092&requestTimeoutMs=305000&retries=3&keySerializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&saslMechanism=GSSAPI&serializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&securityProtocol=SASL_PLAINTEXT&saslKerberosServiceName=kafka"/>{code}
>
> I am using an external Jaas configuration file:
> {code:java}
> KafkaClient {
> com.sun.security.auth.module.Krb5LoginModule required
> useKeyTab=true
> storeKey=true
> keyTab="./user.keytab"
> useTicketCache=false
> serviceName="kafka"
> principal=" Group/u...@domain.lan";
> };{code}
> Why Camel does not support *SASL_PLAINTEXT* *and* *SASL_SSL*?
>
> Please help me this is *VERY IMPORTANT* for the project I am working on and
> this issue is considered a blocker. I am also an experienced Java programmer
> and I am willing to contribute if necessary to the open source code for such
> implementation if the need may be.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (CAMEL-12596) Camel-Kafka security protocol SASL_PLAINTEXT not supported
[
https://issues.apache.org/jira/browse/CAMEL-12596?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16531029#comment-16531029
]
Lizuca Mihaescu commented on CAMEL-12596:
-
[~ancosen] [~dmvolod] can you recommend a consultant who can help with this
problem?
> Camel-Kafka security protocol SASL_PLAINTEXT not supported
> --
>
> Key: CAMEL-12596
> URL: https://issues.apache.org/jira/browse/CAMEL-12596
> Project: Camel
> Issue Type: Improvement
> Components: camel-kafka
>Affects Versions: 2.21.1
> Environment: * ActiveMQ v5.15.4
> * Camel:2.21.1
> * Kafka Clients: 1.1.0
> * Server Version: Apache/2.4.6(CentOS)
>Reporter: Lizuca Mihaescu
>Priority: Major
> Attachments: camel.xml, camel.xml
>
>
> I need to route ActiveMQ messages to Kafka(Cloudera) through Camel using
> authentication protocol Kerberos.
>
> Kafka Security documentation states that it only supports *SASL_PLAINTEXT*
> and *SASL_SSL* for Kerberos:
> [https://www.cloudera.com/documentation/kafka/2-0-x/topics/kafka_security.html]
>
> | ** |*SSL*|*Kerberos*|
> |PLAINTEXT|No|No|
> |SSL|Yes|No|
> |SASL_PLAINTEXT|No|Yes|
> |SASL_SSL|Yes|Yes|
>
>
>
> On the other hand when I try to use *SASL_PLAINTEXT* for security protocol in
> Camel I am getting an error during the ActiveMQ starting. As a result
> ActiveMQ will not start.
>
> I took the latest Camel code from: [https://github.com/apache/camel.git] and
> it states that it only supports *SSL* and *PLAINTEXT* as security protocols
> values.
>
> | *securityProtocol* (security) | Protocol used to communicate with brokers.
> Currently only PLAINTEXT and SSL are supported. | PLAINTEXT | String
>
>
> I did find this solved issue: [https://access.redhat.com/solutions/3364871]
> but I did not find any evidence that this is working in the latest Camel
> version.
>
> My Camel setup fragment is:
> {code:java}
> uri="kafka://10.100.70.00:9092?topic=MyEvents.s1.v1&brokers=10.100.70.00:9092&requestTimeoutMs=305000&retries=3&keySerializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&saslMechanism=GSSAPI&serializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&securityProtocol=SASL_PLAINTEXT&saslKerberosServiceName=kafka"/>{code}
>
> I am using an external Jaas configuration file:
> {code:java}
> KafkaClient {
> com.sun.security.auth.module.Krb5LoginModule required
> useKeyTab=true
> storeKey=true
> keyTab="./user.keytab"
> useTicketCache=false
> serviceName="kafka"
> principal=" Group/u...@domain.lan";
> };{code}
> Why Camel does not support *SASL_PLAINTEXT* *and* *SASL_SSL*?
>
> Please help me this is *VERY IMPORTANT* for the project I am working on and
> this issue is considered a blocker. I am also an experienced Java programmer
> and I am willing to contribute if necessary to the open source code for such
> implementation if the need may be.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (CAMEL-12596) Camel-Kafka security protocol SASL_PLAINTEXT not supported
[
https://issues.apache.org/jira/browse/CAMEL-12596?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16530996#comment-16530996
]
Lizuca Mihaescu commented on CAMEL-12596:
-
[~ancosen] The entire setup is complex and in a production environment :(
therefore I cannot give you access. I can try to describe here the setup in
hope you can might be able to give me some advice.
Please do not close this issue. I will try to investigate on my own what is
going on and try to create a smaller environment.
Additional libraries:
camel-core-2.21.1.jar
camel-jms-2.21.1.jar
camel-kafka-2.21.1.jar
camel-spring-2.21.1.jar
kafka-clients-1.1.0.jar
Using Active Directory with user@DOMAIN
Camel file: [^camel.xml]
Verified KeyTab file for user@DOMAIN
The main problem is that although the logging is set to DEBUG I cannot see any
ERROR or WARN into the logs but just that the ActiveMQ shuts down after Kafka
parameter setup.
Some other peculiarity is that as soon as I only change SASL_PLAINTEXT to
PLAINTEXT ActiveMQ starts up just fine.
So, it would be fine if I can get some sort of ERROR or WARN to tell me it is
something wrong with my Camel setup. I believe this you can see on your side, I
mean the missed error handling.
Do you have any integration testing for Camel Kafka Kerberos on your side?
> Camel-Kafka security protocol SASL_PLAINTEXT not supported
> --
>
> Key: CAMEL-12596
> URL: https://issues.apache.org/jira/browse/CAMEL-12596
> Project: Camel
> Issue Type: Improvement
> Components: camel-kafka
>Affects Versions: 2.21.1
> Environment: * ActiveMQ v5.15.4
> * Camel:2.21.1
> * Kafka Clients: 1.1.0
> * Server Version: Apache/2.4.6(CentOS)
>Reporter: Lizuca Mihaescu
>Priority: Major
> Attachments: camel.xml, camel.xml
>
>
> I need to route ActiveMQ messages to Kafka(Cloudera) through Camel using
> authentication protocol Kerberos.
>
> Kafka Security documentation states that it only supports *SASL_PLAINTEXT*
> and *SASL_SSL* for Kerberos:
> [https://www.cloudera.com/documentation/kafka/2-0-x/topics/kafka_security.html]
>
> | ** |*SSL*|*Kerberos*|
> |PLAINTEXT|No|No|
> |SSL|Yes|No|
> |SASL_PLAINTEXT|No|Yes|
> |SASL_SSL|Yes|Yes|
>
>
>
> On the other hand when I try to use *SASL_PLAINTEXT* for security protocol in
> Camel I am getting an error during the ActiveMQ starting. As a result
> ActiveMQ will not start.
>
> I took the latest Camel code from: [https://github.com/apache/camel.git] and
> it states that it only supports *SSL* and *PLAINTEXT* as security protocols
> values.
>
> | *securityProtocol* (security) | Protocol used to communicate with brokers.
> Currently only PLAINTEXT and SSL are supported. | PLAINTEXT | String
>
>
> I did find this solved issue: [https://access.redhat.com/solutions/3364871]
> but I did not find any evidence that this is working in the latest Camel
> version.
>
> My Camel setup fragment is:
> {code:java}
> uri="kafka://10.100.70.00:9092?topic=MyEvents.s1.v1&brokers=10.100.70.00:9092&requestTimeoutMs=305000&retries=3&keySerializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&saslMechanism=GSSAPI&serializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&securityProtocol=SASL_PLAINTEXT&saslKerberosServiceName=kafka"/>{code}
>
> I am using an external Jaas configuration file:
> {code:java}
> KafkaClient {
> com.sun.security.auth.module.Krb5LoginModule required
> useKeyTab=true
> storeKey=true
> keyTab="./user.keytab"
> useTicketCache=false
> serviceName="kafka"
> principal=" Group/u...@domain.lan";
> };{code}
> Why Camel does not support *SASL_PLAINTEXT* *and* *SASL_SSL*?
>
> Please help me this is *VERY IMPORTANT* for the project I am working on and
> this issue is considered a blocker. I am also an experienced Java programmer
> and I am willing to contribute if necessary to the open source code for such
> implementation if the need may be.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Updated] (CAMEL-12596) Camel-Kafka security protocol SASL_PLAINTEXT not supported
[
https://issues.apache.org/jira/browse/CAMEL-12596?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Lizuca Mihaescu updated CAMEL-12596:
Attachment: camel.xml
> Camel-Kafka security protocol SASL_PLAINTEXT not supported
> --
>
> Key: CAMEL-12596
> URL: https://issues.apache.org/jira/browse/CAMEL-12596
> Project: Camel
> Issue Type: Improvement
> Components: camel-kafka
>Affects Versions: 2.21.1
> Environment: * ActiveMQ v5.15.4
> * Camel:2.21.1
> * Kafka Clients: 1.1.0
> * Server Version: Apache/2.4.6(CentOS)
>Reporter: Lizuca Mihaescu
>Priority: Major
> Attachments: camel.xml, camel.xml
>
>
> I need to route ActiveMQ messages to Kafka(Cloudera) through Camel using
> authentication protocol Kerberos.
>
> Kafka Security documentation states that it only supports *SASL_PLAINTEXT*
> and *SASL_SSL* for Kerberos:
> [https://www.cloudera.com/documentation/kafka/2-0-x/topics/kafka_security.html]
>
> | ** |*SSL*|*Kerberos*|
> |PLAINTEXT|No|No|
> |SSL|Yes|No|
> |SASL_PLAINTEXT|No|Yes|
> |SASL_SSL|Yes|Yes|
>
>
>
> On the other hand when I try to use *SASL_PLAINTEXT* for security protocol in
> Camel I am getting an error during the ActiveMQ starting. As a result
> ActiveMQ will not start.
>
> I took the latest Camel code from: [https://github.com/apache/camel.git] and
> it states that it only supports *SSL* and *PLAINTEXT* as security protocols
> values.
>
> | *securityProtocol* (security) | Protocol used to communicate with brokers.
> Currently only PLAINTEXT and SSL are supported. | PLAINTEXT | String
>
>
> I did find this solved issue: [https://access.redhat.com/solutions/3364871]
> but I did not find any evidence that this is working in the latest Camel
> version.
>
> My Camel setup fragment is:
> {code:java}
> uri="kafka://10.100.70.00:9092?topic=MyEvents.s1.v1&brokers=10.100.70.00:9092&requestTimeoutMs=305000&retries=3&keySerializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&saslMechanism=GSSAPI&serializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&securityProtocol=SASL_PLAINTEXT&saslKerberosServiceName=kafka"/>{code}
>
> I am using an external Jaas configuration file:
> {code:java}
> KafkaClient {
> com.sun.security.auth.module.Krb5LoginModule required
> useKeyTab=true
> storeKey=true
> keyTab="./user.keytab"
> useTicketCache=false
> serviceName="kafka"
> principal=" Group/u...@domain.lan";
> };{code}
> Why Camel does not support *SASL_PLAINTEXT* *and* *SASL_SSL*?
>
> Please help me this is *VERY IMPORTANT* for the project I am working on and
> this issue is considered a blocker. I am also an experienced Java programmer
> and I am willing to contribute if necessary to the open source code for such
> implementation if the need may be.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Updated] (CAMEL-12596) Camel-Kafka security protocol SASL_PLAINTEXT not supported
[
https://issues.apache.org/jira/browse/CAMEL-12596?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Lizuca Mihaescu updated CAMEL-12596:
Attachment: camel.xml
> Camel-Kafka security protocol SASL_PLAINTEXT not supported
> --
>
> Key: CAMEL-12596
> URL: https://issues.apache.org/jira/browse/CAMEL-12596
> Project: Camel
> Issue Type: Improvement
> Components: camel-kafka
>Affects Versions: 2.21.1
> Environment: * ActiveMQ v5.15.4
> * Camel:2.21.1
> * Kafka Clients: 1.1.0
> * Server Version: Apache/2.4.6(CentOS)
>Reporter: Lizuca Mihaescu
>Priority: Major
> Attachments: camel.xml
>
>
> I need to route ActiveMQ messages to Kafka(Cloudera) through Camel using
> authentication protocol Kerberos.
>
> Kafka Security documentation states that it only supports *SASL_PLAINTEXT*
> and *SASL_SSL* for Kerberos:
> [https://www.cloudera.com/documentation/kafka/2-0-x/topics/kafka_security.html]
>
> | ** |*SSL*|*Kerberos*|
> |PLAINTEXT|No|No|
> |SSL|Yes|No|
> |SASL_PLAINTEXT|No|Yes|
> |SASL_SSL|Yes|Yes|
>
>
>
> On the other hand when I try to use *SASL_PLAINTEXT* for security protocol in
> Camel I am getting an error during the ActiveMQ starting. As a result
> ActiveMQ will not start.
>
> I took the latest Camel code from: [https://github.com/apache/camel.git] and
> it states that it only supports *SSL* and *PLAINTEXT* as security protocols
> values.
>
> | *securityProtocol* (security) | Protocol used to communicate with brokers.
> Currently only PLAINTEXT and SSL are supported. | PLAINTEXT | String
>
>
> I did find this solved issue: [https://access.redhat.com/solutions/3364871]
> but I did not find any evidence that this is working in the latest Camel
> version.
>
> My Camel setup fragment is:
> {code:java}
> uri="kafka://10.100.70.00:9092?topic=MyEvents.s1.v1&brokers=10.100.70.00:9092&requestTimeoutMs=305000&retries=3&keySerializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&saslMechanism=GSSAPI&serializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&securityProtocol=SASL_PLAINTEXT&saslKerberosServiceName=kafka"/>{code}
>
> I am using an external Jaas configuration file:
> {code:java}
> KafkaClient {
> com.sun.security.auth.module.Krb5LoginModule required
> useKeyTab=true
> storeKey=true
> keyTab="./user.keytab"
> useTicketCache=false
> serviceName="kafka"
> principal=" Group/u...@domain.lan";
> };{code}
> Why Camel does not support *SASL_PLAINTEXT* *and* *SASL_SSL*?
>
> Please help me this is *VERY IMPORTANT* for the project I am working on and
> this issue is considered a blocker. I am also an experienced Java programmer
> and I am willing to contribute if necessary to the open source code for such
> implementation if the need may be.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (CAMEL-12596) Camel-Kafka security protocol SASL_PLAINTEXT not supported
[
https://issues.apache.org/jira/browse/CAMEL-12596?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16530213#comment-16530213
]
Lizuca Mihaescu commented on CAMEL-12596:
-
Thank you [~ancosen] I understand now a bit more :).
Now the fact that I am not getting any error into the log and ActiveMQ shuts
down unexpectedly does not help me investigate what is going on :(. I know it
must be something wrong with parameters that I pass (most likely Kerberos
related) but I have no clue what.
Can you please check and point out what might be wrong? If you need more
information from me I can send you my entire setup.
> Camel-Kafka security protocol SASL_PLAINTEXT not supported
> --
>
> Key: CAMEL-12596
> URL: https://issues.apache.org/jira/browse/CAMEL-12596
> Project: Camel
> Issue Type: Improvement
> Components: camel-kafka
>Affects Versions: 2.21.1
> Environment: * ActiveMQ v5.15.4
> * Camel:2.21.1
> * Kafka Clients: 1.1.0
> * Server Version: Apache/2.4.6(CentOS)
>Reporter: Lizuca Mihaescu
>Priority: Major
>
> I need to route ActiveMQ messages to Kafka(Cloudera) through Camel using
> authentication protocol Kerberos.
>
> Kafka Security documentation states that it only supports *SASL_PLAINTEXT*
> and *SASL_SSL* for Kerberos:
> [https://www.cloudera.com/documentation/kafka/2-0-x/topics/kafka_security.html]
>
> | ** |*SSL*|*Kerberos*|
> |PLAINTEXT|No|No|
> |SSL|Yes|No|
> |SASL_PLAINTEXT|No|Yes|
> |SASL_SSL|Yes|Yes|
>
>
>
> On the other hand when I try to use *SASL_PLAINTEXT* for security protocol in
> Camel I am getting an error during the ActiveMQ starting. As a result
> ActiveMQ will not start.
>
> I took the latest Camel code from: [https://github.com/apache/camel.git] and
> it states that it only supports *SSL* and *PLAINTEXT* as security protocols
> values.
>
> | *securityProtocol* (security) | Protocol used to communicate with brokers.
> Currently only PLAINTEXT and SSL are supported. | PLAINTEXT | String
>
>
> I did find this solved issue: [https://access.redhat.com/solutions/3364871]
> but I did not find any evidence that this is working in the latest Camel
> version.
>
> My Camel setup fragment is:
> {code:java}
> uri="kafka://10.100.70.00:9092?topic=MyEvents.s1.v1&brokers=10.100.70.00:9092&requestTimeoutMs=305000&retries=3&keySerializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&saslMechanism=GSSAPI&serializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&securityProtocol=SASL_PLAINTEXT&saslKerberosServiceName=kafka"/>{code}
>
> I am using an external Jaas configuration file:
> {code:java}
> KafkaClient {
> com.sun.security.auth.module.Krb5LoginModule required
> useKeyTab=true
> storeKey=true
> keyTab="./user.keytab"
> useTicketCache=false
> serviceName="kafka"
> principal=" Group/u...@domain.lan";
> };{code}
> Why Camel does not support *SASL_PLAINTEXT* *and* *SASL_SSL*?
>
> Please help me this is *VERY IMPORTANT* for the project I am working on and
> this issue is considered a blocker. I am also an experienced Java programmer
> and I am willing to contribute if necessary to the open source code for such
> implementation if the need may be.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (CAMEL-12596) Camel-Kafka security protocol SASL_PLAINTEXT not supported
[
https://issues.apache.org/jira/browse/CAMEL-12596?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16530182#comment-16530182
]
Lizuca Mihaescu commented on CAMEL-12596:
-
Unfortunately it is hard to explain what is going on :(. By trying various
settings I got to the idea that SASL_PLAINTEXT is somehow not accepted. By
looking into the Camel code where it states that only PLAINTEXT and SSL are
supported I decided to come here and open this issue.
Why would they write into the code that only SSL and PLAINTEXT are supported
when more are supposedly supported?
> Camel-Kafka security protocol SASL_PLAINTEXT not supported
> --
>
> Key: CAMEL-12596
> URL: https://issues.apache.org/jira/browse/CAMEL-12596
> Project: Camel
> Issue Type: Improvement
> Components: camel-kafka
>Affects Versions: 2.21.1
> Environment: * ActiveMQ v5.15.4
> * Camel:2.21.1
> * Kafka Clients: 1.1.0
> * Server Version: Apache/2.4.6(CentOS)
>Reporter: Lizuca Mihaescu
>Priority: Major
>
> I need to route ActiveMQ messages to Kafka(Cloudera) through Camel using
> authentication protocol Kerberos.
>
> Kafka Security documentation states that it only supports *SASL_PLAINTEXT*
> and *SASL_SSL* for Kerberos:
> [https://www.cloudera.com/documentation/kafka/2-0-x/topics/kafka_security.html]
>
> | ** |*SSL*|*Kerberos*|
> |PLAINTEXT|No|No|
> |SSL|Yes|No|
> |SASL_PLAINTEXT|No|Yes|
> |SASL_SSL|Yes|Yes|
>
>
>
> On the other hand when I try to use *SASL_PLAINTEXT* for security protocol in
> Camel I am getting an error during the ActiveMQ starting. As a result
> ActiveMQ will not start.
>
> I took the latest Camel code from: [https://github.com/apache/camel.git] and
> it states that it only supports *SSL* and *PLAINTEXT* as security protocols
> values.
>
> | *securityProtocol* (security) | Protocol used to communicate with brokers.
> Currently only PLAINTEXT and SSL are supported. | PLAINTEXT | String
>
>
> I did find this solved issue: [https://access.redhat.com/solutions/3364871]
> but I did not find any evidence that this is working in the latest Camel
> version.
>
> My Camel setup fragment is:
> {code:java}
> uri="kafka://10.100.70.00:9092?topic=MyEvents.s1.v1&brokers=10.100.70.00:9092&requestTimeoutMs=305000&retries=3&keySerializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&saslMechanism=GSSAPI&serializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&securityProtocol=SASL_PLAINTEXT&saslKerberosServiceName=kafka"/>{code}
>
> I am using an external Jaas configuration file:
> {code:java}
> KafkaClient {
> com.sun.security.auth.module.Krb5LoginModule required
> useKeyTab=true
> storeKey=true
> keyTab="./user.keytab"
> useTicketCache=false
> serviceName="kafka"
> principal=" Group/u...@domain.lan";
> };{code}
> Why Camel does not support *SASL_PLAINTEXT* *and* *SASL_SSL*?
>
> Please help me this is *VERY IMPORTANT* for the project I am working on and
> this issue is considered a blocker. I am also an experienced Java programmer
> and I am willing to contribute if necessary to the open source code for such
> implementation if the need may be.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (CAMEL-12596) Camel-Kafka security protocol SASL_PLAINTEXT not supported
[
https://issues.apache.org/jira/browse/CAMEL-12596?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16530174#comment-16530174
]
Lizuca Mihaescu commented on CAMEL-12596:
-
ActiveMQ shuts down immediately after starting. There is no error into the log
during shutdown:
{code:java}
acks = 1
batch.size = 16384
bootstrap.servers = [10.148.70.74:9092]
buffer.memory = 33554432
client.id =
compression.type = none
connections.max.idle.ms = 54
enable.idempotence = false
interceptor.classes = []
key.serializer = class
org.apache.kafka.common.serialization.ByteArraySerializer linger.ms = 0
max.block.ms = 6
max.in.flight.requests.per.connection = 5
max.request.size = 1048576
metadata.max.age.ms = 30
metric.reporters = []
metrics.num.samples = 2
metrics.recording.level = INFO
metrics.sample.window.ms = 3
partitioner.class = class
org.apache.kafka.clients.producer.internals.DefaultPartitioner
receive.buffer.bytes = 65536
reconnect.backoff.max.ms = 1000
reconnect.backoff.ms = 50
request.timeout.ms = 305000
retries = 3
retry.backoff.ms = 100
sasl.jaas.config = [hidden]
sasl.kerberos.kinit.cmd = /usr/bin/kinit
sasl.kerberos.min.time.before.relogin = 6
sasl.kerberos.service.name = kafka
sasl.kerberos.ticket.renew.jitter = 0.05
sasl.kerberos.ticket.renew.window.factor = 0.8
sasl.mechanism = GSSAPI
security.protocol = SASL_PLAINTEXT
send.buffer.bytes = 131072
ssl.cipher.suites = null
ssl.enabled.protocols = [TLSv1.2, TLSv1.1, TLSv1]
ssl.endpoint.identification.algorithm = null
ssl.key.password = null
ssl.keymanager.algorithm = SunX509
ssl.keystore.location = null
ssl.keystore.password = null
ssl.keystore.type = JKS
ssl.protocol = TLS
ssl.provider = null
ssl.secure.random.implementation = null
ssl.trustmanager.algorithm = PKIX
ssl.truststore.location = null
ssl.truststore.password = null
ssl.truststore.type = JKS
transaction.timeout.ms = 6
transactional.id = null
value.serializer = class
org.apache.kafka.common.serialization.ByteArraySerializer{code}
{code:java}
2018-07-02 18:27:16,382 | INFO | [Producer clientId=producer-1] Closing the
Kafka producer with timeoutMillis = 0 ms. |
org.apache.kafka.clients.producer.KafkaProducer | main
2018-07-02 18:27:16,384 | INFO | Apache Camel 2.21.0 (CamelContext: camel) is
shutting down | org.apache.camel.spring.SpringCamelContext | main
2018-07-02 18:27:16,388 | DEBUG | Shutting down with no inflight threads. |
org.apache.camel.impl.DefaultAsyncProcessorAwaitManager | main
2018-07-02 18:27:16,399 | DEBUG | Clearing simple language predicate
cache[size=0, hits=0, misses=0, evicted=0] |
org.apache.camel.language.simple.SimpleLanguage | main
2018-07-02 18:27:16,404 | DEBUG | Clearing simple language expression
cache[size=1, hits=0, misses=1, evicted=0] |
org.apache.camel.language.simple.SimpleLanguage | main
2018-07-02 18:27:16,407 | DEBUG | Unregistered MBean with ObjectName:
org.apache.camel:context=camel,type=routecontrollers,name="camel" |
org.apache.camel.management.DefaultManagementAgent | main
2018-07-02 18:27:16,410 | DEBUG | Unregistered MBean with ObjectName:
org.apache.camel:context=camel,type=health,name="camel" |
org.apache.camel.management.DefaultManagementAgent | main
2018-07-02 18:27:16,413 | DEBUG | Removed TimerListener:
org.apache.camel.management.mbean.ManagedCamelContext@541179e7 |
org.apache.camel.support.TimerListenerManager | main
2018-07-02 18:27:16,416 | DEBUG | Unregistered MBean with ObjectName:
org.apache.camel:context=camel,type=context,name="camel" |
org.apache.camel.management.DefaultManagementAgent | main
2018-07-02 18:27:16,419 | DEBUG | Shutting down with no inflight exchanges. |
org.apache.camel.impl.DefaultInflightRepository | main
2018-07-02 18:27:16,422 | DEBUG | Stopping service pool:
org.apache.camel.impl.SharedPollingConsumerServicePool@16e7b402 |
org.apache.camel.impl.SharedPollingConsumerServicePool | main
2018-07-02 18:27:16,425 | DEBUG | Stopping service pool:
org.apache.camel.impl.SharedProducerServicePool@2f00f851 |
org.apache.camel.impl.SharedProducerServicePool | main
2018-07-02 18:27:16,428 | DEBUG | Giving time for 1 ExecutorService's to
shutdown properly (acting as fail-safe) |
org.apache.camel.impl.DefaultExecutorServiceManager | main
2018-07-02 18:27:16,434 | DEBUG | Shutdown of ExecutorService:
java.util.concurrent.ThreadPoolExecutor@8bd86c8[Terminated, pool size = 0,
active threads = 0, queued tasks = 0, completed tasks = 0] is shutdown: true
and terminated: true took: 0.000 seconds. |
org.apache.camel.impl.DefaultExecutorServiceManager | main
2018-07-02 18:27:16,437 | DEBUG | Unregistered MBean with ObjectName:
org.apache.
[jira] [Comment Edited] (CAMEL-12596) Camel-Kafka security protocol SASL_PLAINTEXT not supported
[
https://issues.apache.org/jira/browse/CAMEL-12596?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16529990#comment-16529990
]
Lizuca Mihaescu edited comment on CAMEL-12596 at 7/2/18 2:21 PM:
-
[~ancosen] Actually I've tried in the past all combinations with and without
saslJaasConfig and it seems like SASL_PLAINTEXT with GSSAPI are the problem. As
soon as I use PLAINTEXT instead of SASL_PLAINTEXT I get no verification
problem. Do you have an explanation for this?
I've tried configuration:
{code:java}
{code}
was (Author: macuzil):
[~ancosen] Actually I've tried in the past all combinations with and without
saslJaasConfig and it seems like SASL_PLAINTEXT with GSSAPI are the problem. As
soon as I use PLAINTEXT instead of SASL_PLAINTEXT I get no verification
problem. Do you have an explanation for this?
I've tried configuration:
{code:java}
{code}
> Camel-Kafka security protocol SASL_PLAINTEXT not supported
> --
>
> Key: CAMEL-12596
> URL: https://issues.apache.org/jira/browse/CAMEL-12596
> Project: Camel
> Issue Type: Improvement
> Components: camel-kafka
>Affects Versions: 2.21.1
> Environment: * ActiveMQ v5.15.4
> * Camel:2.21.1
> * Kafka Clients: 1.1.0
> * Server Version: Apache/2.4.6(CentOS)
>Reporter: Lizuca Mihaescu
>Priority: Major
>
> I need to route ActiveMQ messages to Kafka(Cloudera) through Camel using
> authentication protocol Kerberos.
>
> Kafka Security documentation states that it only supports *SASL_PLAINTEXT*
> and *SASL_SSL* for Kerberos:
> [https://www.cloudera.com/documentation/kafka/2-0-x/topics/kafka_security.html]
>
> | ** |*SSL*|*Kerberos*|
> |PLAINTEXT|No|No|
> |SSL|Yes|No|
> |SASL_PLAINTEXT|No|Yes|
> |SASL_SSL|Yes|Yes|
>
>
>
> On the other hand when I try to use *SASL_PLAINTEXT* for security protocol in
> Camel I am getting an error during the ActiveMQ starting. As a result
> ActiveMQ will not start.
>
> I took the latest Camel code from: [https://github.com/apache/camel.git] and
> it states that it only supports *SSL* and *PLAINTEXT* as security protocols
> values.
>
> | *securityProtocol* (security) | Protocol used to communicate with brokers.
> Currently only PLAINTEXT and SSL are supported. | PLAINTEXT | String
>
>
> I did find this solved issue: [https://access.redhat.com/solutions/3364871]
> but I did not find any evidence that this is working in the latest Camel
> version.
>
> My Camel setup fragment is:
> {code:java}
> uri="kafka://10.100.70.00:9092?topic=MyEvents.s1.v1&brokers=10.100.70.00:9092&requestTimeoutMs=305000&retries=3&keySerializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&saslMechanism=GSSAPI&serializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&securityProtocol=SASL_PLAINTEXT&saslKerberosServiceName=kafka"/>{code}
>
> I am using an external Jaas configuration file:
> {code:java}
> KafkaClient {
> com.sun.security.auth.module.Krb5LoginModule required
> useKeyTab=true
> storeKey=true
> keyTab="./user.keytab"
> useTicketCache=false
> serviceName="kafka"
> principal=" Group/u...@domain.lan";
> };{code}
> Why Camel does not support *SASL_PLAINTEXT* *and* *SASL_SSL*?
>
> Please help me this is *VERY IMPORTANT* for the project I am working on and
> this issue is considered a blocker. I am also an experienced Java programmer
> and I am willing to contribute if necessary to the open source code for such
> implementation if the need may be.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (CAMEL-12596) Camel-Kafka security protocol SASL_PLAINTEXT not supported
[
https://issues.apache.org/jira/browse/CAMEL-12596?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16529990#comment-16529990
]
Lizuca Mihaescu commented on CAMEL-12596:
-
[~ancosen] Actually I've tried in the past all combinations with and without
saslJaasConfig and it seems like SASL_PLAINTEXT with GSSAPI are the problem. As
soon as I use PLAINTEXT instead of SASL_PLAINTEXT I get no verification
problem. Do you have an explanation for this?
I've tried configuration:
{code:java}
{code}
> Camel-Kafka security protocol SASL_PLAINTEXT not supported
> --
>
> Key: CAMEL-12596
> URL: https://issues.apache.org/jira/browse/CAMEL-12596
> Project: Camel
> Issue Type: Improvement
> Components: camel-kafka
>Affects Versions: 2.21.1
> Environment: * ActiveMQ v5.15.4
> * Camel:2.21.1
> * Kafka Clients: 1.1.0
> * Server Version: Apache/2.4.6(CentOS)
>Reporter: Lizuca Mihaescu
>Priority: Major
>
> I need to route ActiveMQ messages to Kafka(Cloudera) through Camel using
> authentication protocol Kerberos.
>
> Kafka Security documentation states that it only supports *SASL_PLAINTEXT*
> and *SASL_SSL* for Kerberos:
> [https://www.cloudera.com/documentation/kafka/2-0-x/topics/kafka_security.html]
>
> | ** |*SSL*|*Kerberos*|
> |PLAINTEXT|No|No|
> |SSL|Yes|No|
> |SASL_PLAINTEXT|No|Yes|
> |SASL_SSL|Yes|Yes|
>
>
>
> On the other hand when I try to use *SASL_PLAINTEXT* for security protocol in
> Camel I am getting an error during the ActiveMQ starting. As a result
> ActiveMQ will not start.
>
> I took the latest Camel code from: [https://github.com/apache/camel.git] and
> it states that it only supports *SSL* and *PLAINTEXT* as security protocols
> values.
>
> | *securityProtocol* (security) | Protocol used to communicate with brokers.
> Currently only PLAINTEXT and SSL are supported. | PLAINTEXT | String
>
>
> I did find this solved issue: [https://access.redhat.com/solutions/3364871]
> but I did not find any evidence that this is working in the latest Camel
> version.
>
> My Camel setup fragment is:
> {code:java}
> uri="kafka://10.100.70.00:9092?topic=MyEvents.s1.v1&brokers=10.100.70.00:9092&requestTimeoutMs=305000&retries=3&keySerializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&saslMechanism=GSSAPI&serializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&securityProtocol=SASL_PLAINTEXT&saslKerberosServiceName=kafka"/>{code}
>
> I am using an external Jaas configuration file:
> {code:java}
> KafkaClient {
> com.sun.security.auth.module.Krb5LoginModule required
> useKeyTab=true
> storeKey=true
> keyTab="./user.keytab"
> useTicketCache=false
> serviceName="kafka"
> principal=" Group/u...@domain.lan";
> };{code}
> Why Camel does not support *SASL_PLAINTEXT* *and* *SASL_SSL*?
>
> Please help me this is *VERY IMPORTANT* for the project I am working on and
> this issue is considered a blocker. I am also an experienced Java programmer
> and I am willing to contribute if necessary to the open source code for such
> implementation if the need may be.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (CAMEL-12596) Camel-Kafka security protocol SASL_PLAINTEXT not supported
[
https://issues.apache.org/jira/browse/CAMEL-12596?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16529703#comment-16529703
]
Lizuca Mihaescu commented on CAMEL-12596:
-
[~ancosen] I am not very familiar with Camel internals but I believe the Camel
parameters shall be verified so user does not enter garbage and the
configuration could be loaded. I do not believe that ActiveMQ shall be aware of
the valid parameters for Camel configuration. During such process Camel throws
a verification exception therefore ActiveMQ does not start.
So, during the Camel parameters verification process the SASL_PLAINTEXT is not
accepted as a parameter. This is easy to try with any Camel configurations you
might have. Just try to enter securityProtocol=SASL_PLAINTEXT and you will get
an error during the verification stage which takes place at ActiveMQ startup.
Let me know if you can try this suggested test.
If not, as right now I do not have access to my test setup but as soon as I get
access I will provide you with all my details.
> Camel-Kafka security protocol SASL_PLAINTEXT not supported
> --
>
> Key: CAMEL-12596
> URL: https://issues.apache.org/jira/browse/CAMEL-12596
> Project: Camel
> Issue Type: Improvement
> Components: camel-kafka
>Affects Versions: 2.21.1
> Environment: * ActiveMQ v5.15.4
> * Camel:2.21.1
> * Kafka Clients: 1.1.0
> * Server Version: Apache/2.4.6(CentOS)
>Reporter: Lizuca Mihaescu
>Priority: Major
>
> I need to route ActiveMQ messages to Kafka(Cloudera) through Camel using
> authentication protocol Kerberos.
>
> Kafka Security documentation states that it only supports *SASL_PLAINTEXT*
> and *SASL_SSL* for Kerberos:
> [https://www.cloudera.com/documentation/kafka/2-0-x/topics/kafka_security.html]
>
> | ** |*SSL*|*Kerberos*|
> |PLAINTEXT|No|No|
> |SSL|Yes|No|
> |SASL_PLAINTEXT|No|Yes|
> |SASL_SSL|Yes|Yes|
>
>
>
> On the other hand when I try to use *SASL_PLAINTEXT* for security protocol in
> Camel I am getting an error during the ActiveMQ starting. As a result
> ActiveMQ will not start.
>
> I took the latest Camel code from: [https://github.com/apache/camel.git] and
> it states that it only supports *SSL* and *PLAINTEXT* as security protocols
> values.
>
> | *securityProtocol* (security) | Protocol used to communicate with brokers.
> Currently only PLAINTEXT and SSL are supported. | PLAINTEXT | String
>
>
> I did find this solved issue: [https://access.redhat.com/solutions/3364871]
> but I did not find any evidence that this is working in the latest Camel
> version.
>
> My Camel setup fragment is:
> {code:java}
> uri="kafka://10.100.70.00:9092?topic=MyEvents.s1.v1&brokers=10.100.70.00:9092&requestTimeoutMs=305000&retries=3&keySerializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&saslMechanism=GSSAPI&serializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&securityProtocol=SASL_PLAINTEXT&saslKerberosServiceName=kafka"/>{code}
>
> I am using an external Jaas configuration file:
> {code:java}
> KafkaClient {
> com.sun.security.auth.module.Krb5LoginModule required
> useKeyTab=true
> storeKey=true
> keyTab="./user.keytab"
> useTicketCache=false
> serviceName="kafka"
> principal=" Group/u...@domain.lan";
> };{code}
> Why Camel does not support *SASL_PLAINTEXT* *and* *SASL_SSL*?
>
> Please help me this is *VERY IMPORTANT* for the project I am working on and
> this issue is considered a blocker. I am also an experienced Java programmer
> and I am willing to contribute if necessary to the open source code for such
> implementation if the need may be.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (CAMEL-12596) Camel-Kafka security protocol SASL_PLAINTEXT not supported
[
https://issues.apache.org/jira/browse/CAMEL-12596?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16529677#comment-16529677
]
Lizuca Mihaescu commented on CAMEL-12596:
-
[~ancosen] The Camel route is not failing :( (that would be good news for me)
the ActiveMQ does not start at all when I use SASL_PLAINTEXT instead of
PLAINTEXT. That means Camel does not accept SASL_PLAINTEXT as security protocol
value as described above.
> Camel-Kafka security protocol SASL_PLAINTEXT not supported
> --
>
> Key: CAMEL-12596
> URL: https://issues.apache.org/jira/browse/CAMEL-12596
> Project: Camel
> Issue Type: Improvement
> Components: camel-kafka
>Affects Versions: 2.21.1
> Environment: * ActiveMQ v5.15.4
> * Camel:2.21.1
> * Kafka Clients: 1.1.0
> * Server Version: Apache/2.4.6(CentOS)
>Reporter: Lizuca Mihaescu
>Priority: Major
>
> I need to route ActiveMQ messages to Kafka(Cloudera) through Camel using
> authentication protocol Kerberos.
>
> Kafka Security documentation states that it only supports *SASL_PLAINTEXT*
> and *SASL_SSL* for Kerberos:
> [https://www.cloudera.com/documentation/kafka/2-0-x/topics/kafka_security.html]
>
> | ** |*SSL*|*Kerberos*|
> |PLAINTEXT|No|No|
> |SSL|Yes|No|
> |SASL_PLAINTEXT|No|Yes|
> |SASL_SSL|Yes|Yes|
>
>
>
> On the other hand when I try to use *SASL_PLAINTEXT* for security protocol in
> Camel I am getting an error during the ActiveMQ starting. As a result
> ActiveMQ will not start.
>
> I took the latest Camel code from: [https://github.com/apache/camel.git] and
> it states that it only supports *SSL* and *PLAINTEXT* as security protocols
> values.
>
> | *securityProtocol* (security) | Protocol used to communicate with brokers.
> Currently only PLAINTEXT and SSL are supported. | PLAINTEXT | String
>
>
> I did find this solved issue: [https://access.redhat.com/solutions/3364871]
> but I did not find any evidence that this is working in the latest Camel
> version.
>
> My Camel setup fragment is:
> {code:java}
> uri="kafka://10.100.70.00:9092?topic=MyEvents.s1.v1&brokers=10.100.70.00:9092&requestTimeoutMs=305000&retries=3&keySerializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&saslMechanism=GSSAPI&serializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&securityProtocol=SASL_PLAINTEXT&saslKerberosServiceName=kafka"/>{code}
>
> I am using an external Jaas configuration file:
> {code:java}
> KafkaClient {
> com.sun.security.auth.module.Krb5LoginModule required
> useKeyTab=true
> storeKey=true
> keyTab="./user.keytab"
> useTicketCache=false
> serviceName="kafka"
> principal=" Group/u...@domain.lan";
> };{code}
> Why Camel does not support *SASL_PLAINTEXT* *and* *SASL_SSL*?
>
> Please help me this is *VERY IMPORTANT* for the project I am working on and
> this issue is considered a blocker. I am also an experienced Java programmer
> and I am willing to contribute if necessary to the open source code for such
> implementation if the need may be.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (CAMEL-12596) Camel-Kafka security protocol SASL_PLAINTEXT not supported
[
https://issues.apache.org/jira/browse/CAMEL-12596?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16529640#comment-16529640
]
Lizuca Mihaescu commented on CAMEL-12596:
-
[~ancosen] As evidence I've cloned the latest Camel code:
[https://github.com/apache/camel.git] and I was not able to find any
SASL_PLAINTEXT constant into the code. In the file
KafkaComponentConfiguration.java I did find the following lines:
{code:java}
/**
* Protocol used to communicate with brokers. Currently only PLAINTEXT
* and SSL are supported.
*/
private String securityProtocol = "PLAINTEXT";{code}
I do not doubt that the mapping is done internally with Kafka Client. The
problem stated here is that in the above described case the mapping is missing
:(. That means the SASL_PLAINTEXT is not accepted as value for securityProtocol.
This is a critical issue for the project I am working on as I cannot produce
messages to Kafka through Cloudera as long as the security protocol value
SASL_PLAINTEXT is not a recognised value for securityProtocol by Camel. I could
not find any test in Kafka to prove this value is accepted.
> Camel-Kafka security protocol SASL_PLAINTEXT not supported
> --
>
> Key: CAMEL-12596
> URL: https://issues.apache.org/jira/browse/CAMEL-12596
> Project: Camel
> Issue Type: Improvement
> Components: camel-kafka
>Affects Versions: 2.21.1
> Environment: * ActiveMQ v5.15.4
> * Camel:2.21.1
> * Kafka Clients: 1.1.0
> * Server Version: Apache/2.4.6(CentOS)
>Reporter: Lizuca Mihaescu
>Priority: Major
>
> I need to route ActiveMQ messages to Kafka(Cloudera) through Camel using
> authentication protocol Kerberos.
>
> Kafka Security documentation states that it only supports *SASL_PLAINTEXT*
> and *SASL_SSL* for Kerberos:
> [https://www.cloudera.com/documentation/kafka/2-0-x/topics/kafka_security.html]
>
> | ** |*SSL*|*Kerberos*|
> |PLAINTEXT|No|No|
> |SSL|Yes|No|
> |SASL_PLAINTEXT|No|Yes|
> |SASL_SSL|Yes|Yes|
>
>
>
> On the other hand when I try to use *SASL_PLAINTEXT* for security protocol in
> Camel I am getting an error during the ActiveMQ starting. As a result
> ActiveMQ will not start.
>
> I took the latest Camel code from: [https://github.com/apache/camel.git] and
> it states that it only supports *SSL* and *PLAINTEXT* as security protocols
> values.
>
> | *securityProtocol* (security) | Protocol used to communicate with brokers.
> Currently only PLAINTEXT and SSL are supported. | PLAINTEXT | String
>
>
> I did find this solved issue: [https://access.redhat.com/solutions/3364871]
> but I did not find any evidence that this is working in the latest Camel
> version.
>
> My Camel setup fragment is:
> {code:java}
> uri="kafka://10.100.70.00:9092?topic=MyEvents.s1.v1&brokers=10.100.70.00:9092&requestTimeoutMs=305000&retries=3&keySerializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&saslMechanism=GSSAPI&serializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&securityProtocol=SASL_PLAINTEXT&saslKerberosServiceName=kafka"/>{code}
>
> I am using an external Jaas configuration file:
> {code:java}
> KafkaClient {
> com.sun.security.auth.module.Krb5LoginModule required
> useKeyTab=true
> storeKey=true
> keyTab="./user.keytab"
> useTicketCache=false
> serviceName="kafka"
> principal=" Group/u...@domain.lan";
> };{code}
> Why Camel does not support *SASL_PLAINTEXT* *and* *SASL_SSL*?
>
> Please help me this is *VERY IMPORTANT* for the project I am working on and
> this issue is considered a blocker. I am also an experienced Java programmer
> and I am willing to contribute if necessary to the open source code for such
> implementation if the need may be.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Reopened] (CAMEL-12596) Camel-Kafka security protocol SASL_PLAINTEXT not supported
[
https://issues.apache.org/jira/browse/CAMEL-12596?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Lizuca Mihaescu reopened CAMEL-12596:
-
Explanation/Resolution provided for this issue not satisfactory. There is no
evidence that the assigned solver had checked properly the described issue :(
> Camel-Kafka security protocol SASL_PLAINTEXT not supported
> --
>
> Key: CAMEL-12596
> URL: https://issues.apache.org/jira/browse/CAMEL-12596
> Project: Camel
> Issue Type: Improvement
> Components: camel-kafka
>Affects Versions: 2.21.1
> Environment: * ActiveMQ v5.15.4
> * Camel:2.21.1
> * Kafka Clients: 1.1.0
> * Server Version: Apache/2.4.6(CentOS)
>Reporter: Lizuca Mihaescu
>Priority: Major
>
> I need to route ActiveMQ messages to Kafka(Cloudera) through Camel using
> authentication protocol Kerberos.
>
> Kafka Security documentation states that it only supports *SASL_PLAINTEXT*
> and *SASL_SSL* for Kerberos:
> [https://www.cloudera.com/documentation/kafka/2-0-x/topics/kafka_security.html]
>
> | ** |*SSL*|*Kerberos*|
> |PLAINTEXT|No|No|
> |SSL|Yes|No|
> |SASL_PLAINTEXT|No|Yes|
> |SASL_SSL|Yes|Yes|
>
>
>
> On the other hand when I try to use *SASL_PLAINTEXT* for security protocol in
> Camel I am getting an error during the ActiveMQ starting. As a result
> ActiveMQ will not start.
>
> I took the latest Camel code from: [https://github.com/apache/camel.git] and
> it states that it only supports *SSL* and *PLAINTEXT* as security protocols
> values.
>
> | *securityProtocol* (security) | Protocol used to communicate with brokers.
> Currently only PLAINTEXT and SSL are supported. | PLAINTEXT | String
>
>
> I did find this solved issue: [https://access.redhat.com/solutions/3364871]
> but I did not find any evidence that this is working in the latest Camel
> version.
>
> My Camel setup fragment is:
> {code:java}
> uri="kafka://10.100.70.00:9092?topic=MyEvents.s1.v1&brokers=10.100.70.00:9092&requestTimeoutMs=305000&retries=3&keySerializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&saslMechanism=GSSAPI&serializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&securityProtocol=SASL_PLAINTEXT&saslKerberosServiceName=kafka"/>{code}
>
> I am using an external Jaas configuration file:
> {code:java}
> KafkaClient {
> com.sun.security.auth.module.Krb5LoginModule required
> useKeyTab=true
> storeKey=true
> keyTab="./user.keytab"
> useTicketCache=false
> serviceName="kafka"
> principal=" Group/u...@domain.lan";
> };{code}
> Why Camel does not support *SASL_PLAINTEXT* *and* *SASL_SSL*?
>
> Please help me this is *VERY IMPORTANT* for the project I am working on and
> this issue is considered a blocker. I am also an experienced Java programmer
> and I am willing to contribute if necessary to the open source code for such
> implementation if the need may be.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (CAMEL-12596) Camel-Kafka security protocol SASL_PLAINTEXT not supported
[
https://issues.apache.org/jira/browse/CAMEL-12596?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16529588#comment-16529588
]
Lizuca Mihaescu commented on CAMEL-12596:
-
[~ancosen] in the provided link there is no evidence whatsoever that the stated
combination works:
saslMechanism=GSSAPI,
securityProtocol=SASL_PLAINTEXT
Did you personally tried this combination? Can you start ActiveMQ using this
combination?
My configuration works fine (ActiveMQ starts without errors) with combination:
saslMechanism=GSSAPI,
securityProtocol=PLAINTEXT
In the documentation provided by you
[https://github.com/apache/camel/blob/master/components/camel-kafka/src/main/docs/kafka-component.adoc]
it specifically states:
|*securityProtocol* (security)|Protocol used to communicate with brokers.
Currently only PLAINTEXT and SSL are supported.|PLAINTEXT|String|
> Camel-Kafka security protocol SASL_PLAINTEXT not supported
> --
>
> Key: CAMEL-12596
> URL: https://issues.apache.org/jira/browse/CAMEL-12596
> Project: Camel
> Issue Type: Improvement
> Components: camel-kafka
>Affects Versions: 2.21.1
> Environment: * ActiveMQ v5.15.4
> * Camel:2.21.1
> * Kafka Clients: 1.1.0
> * Server Version: Apache/2.4.6(CentOS)
>Reporter: Lizuca Mihaescu
>Priority: Major
>
> I need to route ActiveMQ messages to Kafka(Cloudera) through Camel using
> authentication protocol Kerberos.
>
> Kafka Security documentation states that it only supports *SASL_PLAINTEXT*
> and *SASL_SSL* for Kerberos:
> [https://www.cloudera.com/documentation/kafka/2-0-x/topics/kafka_security.html]
>
> | ** |*SSL*|*Kerberos*|
> |PLAINTEXT|No|No|
> |SSL|Yes|No|
> |SASL_PLAINTEXT|No|Yes|
> |SASL_SSL|Yes|Yes|
>
>
>
> On the other hand when I try to use *SASL_PLAINTEXT* for security protocol in
> Camel I am getting an error during the ActiveMQ starting. As a result
> ActiveMQ will not start.
>
> I took the latest Camel code from: [https://github.com/apache/camel.git] and
> it states that it only supports *SSL* and *PLAINTEXT* as security protocols
> values.
>
> | *securityProtocol* (security) | Protocol used to communicate with brokers.
> Currently only PLAINTEXT and SSL are supported. | PLAINTEXT | String
>
>
> I did find this solved issue: [https://access.redhat.com/solutions/3364871]
> but I did not find any evidence that this is working in the latest Camel
> version.
>
> My Camel setup fragment is:
> {code:java}
> uri="kafka://10.100.70.00:9092?topic=MyEvents.s1.v1&brokers=10.100.70.00:9092&requestTimeoutMs=305000&retries=3&keySerializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&saslMechanism=GSSAPI&serializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&securityProtocol=SASL_PLAINTEXT&saslKerberosServiceName=kafka"/>{code}
>
> I am using an external Jaas configuration file:
> {code:java}
> KafkaClient {
> com.sun.security.auth.module.Krb5LoginModule required
> useKeyTab=true
> storeKey=true
> keyTab="./user.keytab"
> useTicketCache=false
> serviceName="kafka"
> principal=" Group/u...@domain.lan";
> };{code}
> Why Camel does not support *SASL_PLAINTEXT* *and* *SASL_SSL*?
>
> Please help me this is *VERY IMPORTANT* for the project I am working on and
> this issue is considered a blocker. I am also an experienced Java programmer
> and I am willing to contribute if necessary to the open source code for such
> implementation if the need may be.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (CAMEL-12596) Camel-Kafka security protocol SASL_PLAINTEXT not supported
[
https://issues.apache.org/jira/browse/CAMEL-12596?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16522298#comment-16522298
]
Lizuca Mihaescu commented on CAMEL-12596:
-
[~ancosen] as you can see above I am using
{code:java}
saslMechanism=GSSAPI{code}
but I need to use in addition to this mechanism the security protocol
*SASL_PLAINTEXT* which is not currently supported by Camel in order to produce
messages to Cloudera Kafka.
> Camel-Kafka security protocol SASL_PLAINTEXT not supported
> --
>
> Key: CAMEL-12596
> URL: https://issues.apache.org/jira/browse/CAMEL-12596
> Project: Camel
> Issue Type: Improvement
> Components: camel-kafka
>Affects Versions: 2.21.1
> Environment: * ActiveMQ v5.15.4
> * Camel:2.21.1
> * Kafka Clients: 1.1.0
> * Server Version: Apache/2.4.6(CentOS)
>Reporter: Lizuca Mihaescu
>Priority: Blocker
>
> I need to route ActiveMQ messages to Kafka(Cloudera) through Camel using
> authentication protocol Kerberos.
>
> Kafka Security documentation states that it only supports *SASL_PLAINTEXT*
> and *SASL_SSL* for Kerberos:
> [https://www.cloudera.com/documentation/kafka/2-0-x/topics/kafka_security.html]
>
> | ** |*SSL*|*Kerberos*|
> |PLAINTEXT|No|No|
> |SSL|Yes|No|
> |SASL_PLAINTEXT|No|Yes|
> |SASL_SSL|Yes|Yes|
>
>
>
> On the other hand when I try to use *SASL_PLAINTEXT* for security protocol in
> Camel I am getting an error during the ActiveMQ starting. As a result
> ActiveMQ will not start.
>
> I took the latest Camel code from: [https://github.com/apache/camel.git] and
> it states that it only supports *SSL* and *PLAINTEXT* as security protocols
> values.
>
> | *securityProtocol* (security) | Protocol used to communicate with brokers.
> Currently only PLAINTEXT and SSL are supported. | PLAINTEXT | String
>
>
> I did find this solved issue: [https://access.redhat.com/solutions/3364871]
> but I did not find any evidence that this is working in the latest Camel
> version.
>
> My Camel setup fragment is:
> {code:java}
> uri="kafka://10.100.70.00:9092?topic=MyEvents.s1.v1&brokers=10.100.70.00:9092&requestTimeoutMs=305000&retries=3&keySerializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&saslMechanism=GSSAPI&serializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&securityProtocol=SASL_PLAINTEXT&saslKerberosServiceName=kafka"/>{code}
>
> I am using an external Jaas configuration file:
> {code:java}
> KafkaClient {
> com.sun.security.auth.module.Krb5LoginModule required
> useKeyTab=true
> storeKey=true
> keyTab="./user.keytab"
> useTicketCache=false
> serviceName="kafka"
> principal=" Group/u...@domain.lan";
> };{code}
> Why Camel does not support *SASL_PLAINTEXT* *and* *SASL_SSL*?
>
> Please help me this is *VERY IMPORTANT* for the project I am working on and
> this issue is considered a blocker. I am also an experienced Java programmer
> and I am willing to contribute if necessary to the open source code for such
> implementation if the need may be.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Created] (CAMEL-12596) Camel-Kafka security protocol SASL_PLAINTEXT not supported
Lizuca Mihaescu created CAMEL-12596:
---
Summary: Camel-Kafka security protocol SASL_PLAINTEXT not supported
Key: CAMEL-12596
URL: https://issues.apache.org/jira/browse/CAMEL-12596
Project: Camel
Issue Type: Improvement
Components: camel-kafka
Affects Versions: 2.21.1
Environment: * ActiveMQ v5.15.4
* Camel:2.21.1
* Kafka Clients: 1.1.0
* Server Version: Apache/2.4.6(CentOS)
Reporter: Lizuca Mihaescu
I need to route ActiveMQ messages to Kafka(Cloudera) through Camel using
authentication protocol Kerberos.
Kafka Security documentation states that it only supports *SASL_PLAINTEXT* and
*SASL_SSL* for Kerberos:
[https://www.cloudera.com/documentation/kafka/2-0-x/topics/kafka_security.html]
| ** |*SSL*|*Kerberos*|
|PLAINTEXT|No|No|
|SSL|Yes|No|
|SASL_PLAINTEXT|No|Yes|
|SASL_SSL|Yes|Yes|
On the other hand when I try to use *SASL_PLAINTEXT* for security protocol in
Camel I am getting an error during the ActiveMQ starting. As a result ActiveMQ
will not start.
I took the latest Camel code from: [https://github.com/apache/camel.git] and it
states that it only supports *SSL* and *PLAINTEXT* as security protocols values.
| *securityProtocol* (security) | Protocol used to communicate with brokers.
Currently only PLAINTEXT and SSL are supported. | PLAINTEXT | String
I did find this solved issue: [https://access.redhat.com/solutions/3364871] but
I did not find any evidence that this is working in the latest Camel version.
My Camel setup fragment is:
{code:java}
{code}
I am using an external Jaas configuration file:
{code:java}
KafkaClient {
com.sun.security.auth.module.Krb5LoginModule required
useKeyTab=true
storeKey=true
keyTab="./user.keytab"
useTicketCache=false
serviceName="kafka"
principal=" Group/u...@domain.lan";
};{code}
Why Camel does not support *SASL_PLAINTEXT* *and* *SASL_SSL*?
Please help me this is *VERY IMPORTANT* for the project I am working on and
this issue is considered a blocker. I am also an experienced Java programmer
and I am willing to contribute if necessary to the open source code for such
implementation if the need may be.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Created] (CAMEL-12595) Camel Kafka DEBUG level java.io.EOFException
Lizuca Mihaescu created CAMEL-12595:
---
Summary: Camel Kafka DEBUG level java.io.EOFException
Key: CAMEL-12595
URL: https://issues.apache.org/jira/browse/CAMEL-12595
Project: Camel
Issue Type: Improvement
Components: camel-kafka
Affects Versions: 2.21.1
Environment: * *ActiveMQ* v5.15.4
* *Camel*: 2.21.1
* *Kafka Clients*:1.1.0
* *Server version*: Apache/2.4.6 (CentOS)
Reporter: Lizuca Mihaescu
I am trying to produce messages to Kafka (Cloudera) from an ActiveMQ-Camel
bridge using *Kerberos* and I am getting at INFO level a warning and the
messages are not delivered.
{code:java}
WARN | [Producer clientId=producer-1] Bootstrap broker 10.100.70.00:9092 (id:
-1 rack: null) disconnected | org.apache.kafka.clients.NetworkClient |
kafka-producer-network-thread | producer-1
{code}
{{At debug level I find the following error:}}
{code:java}
java.io.EOFException
at
org.apache.kafka.common.network.NetworkReceive.readFromReadableChannel(NetworkReceive.java:124)[kafka-clients-1.1.0.jar:]
at
org.apache.kafka.common.network.NetworkReceive.readFrom(NetworkReceive.java:93)[kafka-clients-1.1.0.jar:]
at
org.apache.kafka.common.network.KafkaChannel.receive(KafkaChannel.java:235)[kafka-clients-1.1.0.jar:]
at
org.apache.kafka.common.network.KafkaChannel.read(KafkaChannel.java:196)[kafka-clients-1.1.0.jar:]
at
org.apache.kafka.common.network.Selector.attemptRead(Selector.java:557)[kafka-clients-1.1.0.jar:]
at
org.apache.kafka.common.network.Selector.pollSelectionKeys(Selector.java:495)[kafka-clients-1.1.0.jar:]
at
org.apache.kafka.common.network.Selector.poll(Selector.java:424)[kafka-clients-1.1.0.jar:]
at
org.apache.kafka.clients.NetworkClient.poll(NetworkClient.java:460)[kafka-clients-1.1.0.jar:]
at
org.apache.kafka.clients.producer.internals.Sender.run(Sender.java:239)[kafka-clients-1.1.0.jar:]
at
org.apache.kafka.clients.producer.internals.Sender.run(Sender.java:163)[kafka-clients-1.1.0.jar:]
at java.lang.Thread.run(Thread.java:748)[:1.8.0_171
{code}
{{This is the kafka client config from log:}}
{code:java}
acks = 1
batch.size = 16384
bootstrap.servers = [10.148.70.74:9092]
buffer.memory = 33554432
client.id =
compression.type = none
connections.max.idle.ms = 54
enable.idempotence = false
interceptor.classes = []
key.serializer = class org.apache.kafka.common.serialization.ByteArraySerializer
linger.ms = 0
max.block.ms = 6
max.in.flight.requests.per.connection = 5
max.request.size = 1048576
metadata.max.age.ms = 30
metric.reporters = []
metrics.num.samples = 2
metrics.recording.level = INFO
metrics.sample.window.ms = 3
partitioner.class = class
org.apache.kafka.clients.producer.internals.DefaultPartitioner
receive.buffer.bytes = 65536
reconnect.backoff.max.ms = 1000
reconnect.backoff.ms = 50
request.timeout.ms = 305000
retries = 3
retry.backoff.ms = 100
sasl.jaas.config = null
sasl.kerberos.kinit.cmd = /usr/bin/kinit
sasl.kerberos.min.time.before.relogin = 6
sasl.kerberos.service.name = kafka
sasl.kerberos.ticket.renew.jitter = 0.05
sasl.kerberos.ticket.renew.window.factor = 0.8
sasl.mechanism = GSSAPI
security.protocol = PLAINTEXT
send.buffer.bytes = 131072
ssl.cipher.suites = null
ssl.enabled.protocols = [TLSv1.2, TLSv1.1, TLSv1]
ssl.endpoint.identification.algorithm = null
ssl.key.password = null
ssl.keymanager.algorithm = SunX509
ssl.keystore.location = null
ssl.keystore.password = null
ssl.keystore.type = JKS
ssl.protocol = TLS
ssl.provider = null
ssl.secure.random.implementation = null
ssl.trustmanager.algorithm = PKIX
ssl.truststore.location = null
ssl.truststore.password = null
ssl.truststore.type = JKS
transaction.timeout.ms = 6
transactional.id = null
value.serializer = class
org.apache.kafka.common.serialization.ByteArraySerializer
{code}
{{I am using Jaas file:}}
{code:java}
KafkaClient {
com.sun.security.auth.module.Krb5LoginModule required
useKeyTab=true
storeKey=true
keyTab="./user.keytab"
useTicketCache=false
serviceName="kafka"
principal=" Group/u...@domain.lan";
};
{code}
{{So, my problem here is that if the authentication fails in any way I shall
receive an error with a meaningful explanation otherwise I cannot tell whether
or not the messages were correctly routed and the associated problem.}}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
