RE: Kafka User Authentication Exception
Hi Team, Greetings, We actually reached out to you for Oracle/ IT / SAP / Infor / Microsoft "VOTEC IT SERVICE PARTNERSHIP" "IT SERVICE OUTSOURCING" " "PARTNER SERVICE SUBCONTRACTING" We have very attractive newly introduce reasonably price PARTNER IT SERVICE ODC SUBCONTRACTING MODEL in USA, Philippines, India and Singapore etc with White Label Model. Our LOW COST IT SERVICE ODC MODEL eliminate the cost of expensive employee payroll, Help partner to get profit more than 50% on each project.. ..We really mean it. We are already working with platinum partner like NTT DATA, NEC Singapore, Deloitte, Hitachi consulting. ACCENTURE, Abeam Singapore etc. Are u keen to understand VOTEC IT PARTNERSHIP offerings? Looping KB kail...@votecgroup.com | Partnership In charge | Let us know your availability this week OR Next week?? From: mil...@votecgroup.com [mailto:mil...@votecgroup.com] Sent: 01 August 2023 11:36 To: users@kafka.apache.org Subject: RE: Kafka User Authentication Exception Hi Team, Greetings, We actually reached out to you for Oracle/ IT / SAP / Infor / Microsoft "VOTEC IT SERVICE PARTNERSHIP" "IT SERVICE OUTSOURCING" " "PARTNER SERVICE SUBCONTRACTING" We have very attractive newly introduce reasonably price PARTNER IT SERVICE ODC SUBCONTRACTING MODEL in USA, Philippines, India and Singapore etc with White Label Model. Our LOW COST IT SERVICE ODC MODEL eliminate the cost of expensive employee payroll, Help partner to get profit more than 50% on each project.. ..We really mean it. We are already working with platinum partner like NTT DATA, NEC Singapore, Deloitte, Hitachi consulting. ACCENTURE, Abeam Singapore etc. Are u keen to understand VOTEC IT PARTNERSHIP offerings? Looping KB kail...@votecgroup.com <mailto:kail...@votecgroup.com> | Partnership In charge | Let us know your availability this week OR Next week?? From: xiansheng lao [mailto:xiansheng@icloud.com.INVALID] Sent: 01 August 2023 08:21 To: users@kafka.apache.org <mailto:users@kafka.apache.org> Subject: Kafka User Authentication Exception Dear Kafka Community Team, I am a developer who is facing an issue while attempting to use SASL authentication with Kafka. I have tried various methods to troubleshoot the problem, but have not yet found a solution. Therefore, I am reaching out to seek your help and guidance. Issue Description: I am trying to connect to Kafka from my client application using the SASL authentication mechanism. In my client code, I have implemented the `SaslClientCallbackHandler` class to handle callbacks and provided the correct credentials (username and password). However, during the connection process, I encounter the "javax.security.sasl.SaslException: User name could not be obtained" error. I have attempted the following steps to troubleshoot the issue: 1. Ensured that the client and Kafka Broker are using the same version of Kafka to avoid version compatibility issues. 2. Checked the SASL configuration to ensure that both the client and Kafka Broker are configured correctly with the same SASL mechanism and authentication parameters. 3. Examined the exception stack trace and logs, but couldn't find additional information regarding the root cause of the error. 4. Verified that the credentials are in the correct format and can be parsed correctly by the client. 5. Ensured that the network connection is stable and that the client can establish a connection with the Kafka Broker. However, despite trying these approaches, the problem persists, and I am puzzled by the specific reasons behind the "User name could not be obtained" error. In this situation, I am seeking your advice on whether there might be other reasons causing this error and how I can further investigate and resolve this issue. Any suggestions, hints, or relevant documentation would be greatly appreciated. I am sincerely grateful for your contributions and support to the Kafka community and look forward to your assistance in resolving this authentication issue, so I can continue with my project development using Kafka. Thank you for your time and patience! We are using Kafka version 1.1.1 with SCRAM-PLAIN authentication mechanism, and we have encountered an authentication exception. Below are the detailed error logs. Thank you for your assistance. Best regards, [elderly gentleman] 2027-10-01 13:52:09,879 kafka-producer-network-thread TEST] ERROR [] Producer clientId-TEST] Connection to node -1 failed authentication due to: An error: (java.security.PrivilegedActionException:javax.security.sasl.SaslException: User name could not be obtained Caused by javax.security.auth.callback.UnsupportedcallbackException:Unrecognized SASL ClientCallback) occurred when evaluating SASL token received from the Kafka Broker.Kafka Client will go to AUTHENTICATION FAILED state.
RE: Kafka User Authentication Exception
Hi Team, Greetings, We actually reached out to you for Oracle/ IT / SAP / Infor / Microsoft "VOTEC IT SERVICE PARTNERSHIP" "IT SERVICE OUTSOURCING" " "PARTNER SERVICE SUBCONTRACTING" We have very attractive newly introduce reasonably price PARTNER IT SERVICE ODC SUBCONTRACTING MODEL in USA, Philippines, India and Singapore etc with White Label Model. Our LOW COST IT SERVICE ODC MODEL eliminate the cost of expensive employee payroll, Help partner to get profit more than 50% on each project.. ..We really mean it. We are already working with platinum partner like NTT DATA, NEC Singapore, Deloitte, Hitachi consulting. ACCENTURE, Abeam Singapore etc. Are u keen to understand VOTEC IT PARTNERSHIP offerings? Looping KB kail...@votecgroup.com | Partnership In charge | Let us know your availability this week OR Next week?? From: xiansheng lao [mailto:xiansheng@icloud.com.INVALID] Sent: 01 August 2023 08:21 To: users@kafka.apache.org Subject: Kafka User Authentication Exception Dear Kafka Community Team, I am a developer who is facing an issue while attempting to use SASL authentication with Kafka. I have tried various methods to troubleshoot the problem, but have not yet found a solution. Therefore, I am reaching out to seek your help and guidance. Issue Description: I am trying to connect to Kafka from my client application using the SASL authentication mechanism. In my client code, I have implemented the `SaslClientCallbackHandler` class to handle callbacks and provided the correct credentials (username and password). However, during the connection process, I encounter the "javax.security.sasl.SaslException: User name could not be obtained" error. I have attempted the following steps to troubleshoot the issue: 1. Ensured that the client and Kafka Broker are using the same version of Kafka to avoid version compatibility issues. 2. Checked the SASL configuration to ensure that both the client and Kafka Broker are configured correctly with the same SASL mechanism and authentication parameters. 3. Examined the exception stack trace and logs, but couldn't find additional information regarding the root cause of the error. 4. Verified that the credentials are in the correct format and can be parsed correctly by the client. 5. Ensured that the network connection is stable and that the client can establish a connection with the Kafka Broker. However, despite trying these approaches, the problem persists, and I am puzzled by the specific reasons behind the "User name could not be obtained" error. In this situation, I am seeking your advice on whether there might be other reasons causing this error and how I can further investigate and resolve this issue. Any suggestions, hints, or relevant documentation would be greatly appreciated. I am sincerely grateful for your contributions and support to the Kafka community and look forward to your assistance in resolving this authentication issue, so I can continue with my project development using Kafka. Thank you for your time and patience! We are using Kafka version 1.1.1 with SCRAM-PLAIN authentication mechanism, and we have encountered an authentication exception. Below are the detailed error logs. Thank you for your assistance. Best regards, [elderly gentleman] 2027-10-01 13:52:09,879 kafka-producer-network-thread TEST] ERROR [] Producer clientId-TEST] Connection to node -1 failed authentication due to: An error: (java.security.PrivilegedActionException:javax.security.sasl.SaslException: User name could not be obtained Caused by javax.security.auth.callback.UnsupportedcallbackException:Unrecognized SASL ClientCallback) occurred when evaluating SASL token received from the Kafka Broker.Kafka Client will go to AUTHENTICATION FAILED state.
Re: Kafka SASL_PLAIN Authentication Configuration
I would check to make sure -Djava.security.auth.login.config is available to your application. On Mon, Apr 10, 2023 at 7:01 PM Karthik Murugan wrote: > Hello Team, > > We are trying to implement SASL_Plain Authentication config changes on the > Kafka Server, and followed the below mentioned document for reference > > https://codeforgeek.com/how-to-set-up-authentication-in-kafka-cluster/ > > After performing the change, when attempted to restart the kafka on a > server encountering the error *"**java.lang.IllegalArgumentException: Could > not find a ‘KafkaServer’ or ‘sasl_plaintext.KafkaServer’ entry in the JAAS > configuration. System property ‘java.security.auth.login.config’ is not > set"*. > > So could you let us know the additional steps and help us in resolving > this issue. > > Best Regards, > Karthik >
Re: Kafka SASL_PLAIN Authentication Configuration
Hi Everyone , Can anyone provide some insights on the above mentioned kafka error while restarting kafka on the server : "*"**java.lang.IllegalArgumentException: Could not find a ‘KafkaServer’ or ‘sasl_plaintext.KafkaServer’ entry in the JAAS configuration. System property ‘java.security.auth.login.config’ is not set"*." Best Regards, Karthik On Mon, Apr 10, 2023 at 10:30 PM Karthik Murugan wrote: > Hello Team, > > We are trying to implement SASL_Plain Authentication config changes on the > Kafka Server, and followed the below mentioned document for reference > > https://codeforgeek.com/how-to-set-up-authentication-in-kafka-cluster/ > > After performing the change, when attempted to restart the kafka on a > server encountering the error *"**java.lang.IllegalArgumentException: > Could not find a ‘KafkaServer’ or ‘sasl_plaintext.KafkaServer’ entry in the > JAAS configuration. System property ‘java.security.auth.login.config’ is > not set"*. > > So could you let us know the additional steps and help us in resolving > this issue. > > Best Regards, > Karthik > > >
Kafka SASL_PLAIN Authentication Configuration
Hello Team, We are trying to implement SASL_Plain Authentication config changes on the Kafka Server, and followed the below mentioned document for reference https://codeforgeek.com/how-to-set-up-authentication-in-kafka-cluster/ After performing the change, when attempted to restart the kafka on a server encountering the error *"**java.lang.IllegalArgumentException: Could not find a ‘KafkaServer’ or ‘sasl_plaintext.KafkaServer’ entry in the JAAS configuration. System property ‘java.security.auth.login.config’ is not set"*. So could you let us know the additional steps and help us in resolving this issue. Best Regards, Karthik
Re: Kafka mTLS authentication
Hi Yingjie, No worries! Glad to help! Luke On Tue, Nov 23, 2021 at 5:52 PM yingjie zou wrote: > Hi Luke, > > This solved my problem. > I'm sorry to trouble you because I didn't read the document carefully. > Thank you very much. > > > Yingjie Zou > > On Tue, Nov 23, 2021 at 2:20 PM Luke Chen wrote: > > > Hi Yingjie, > > > However, I meet a problem. If I need to add, remove or renew the > > certificate to Kafka’s truststore, Kafka requires a reboot which would > > impact the service available for other teams. > > > > > So I want to know if there is a better way to support the change of > > Kafka’s > > certificate without impacting the service availability? > > > > Yes, Kafka supports dynamically updating broker's configuration. Please > > check here: https://kafka.apache.org/documentation/#dynamicbrokerconfigs > , > > there's a section talking about "Updating SSL Truststore of an Existing > > Listener", which should be what you're looking for. > > > > Good luck. > > > > Thank you. > > Luke > > > > On Tue, Nov 23, 2021 at 1:12 PM yingjie zou > wrote: > > > > > Hi, > > > > > > Currently, we are going to provide Kafka services to 20+ development > > teams > > > in my company, we’d like to provide that as multi-tenancy - the > different > > > team has different authentication. And we try to use the Kafka mTLS > > > solution. > > > > > > However, I meet a problem. If I need to add, remove or renew the > > > certificate to Kafka’s truststore, Kafka requires a reboot which would > > > impact the service available for other teams. > > > > > > So I want to know if there is a better way to support the change of > > Kafka’s > > > certificate without impacting the service availability? > > > > > > Any help is appreciated. > > > > > > Thanks. > > > Yingjie Zou > > > > > >
Re: Kafka mTLS authentication
Hi Luke, This solved my problem. I'm sorry to trouble you because I didn't read the document carefully. Thank you very much. Yingjie Zou On Tue, Nov 23, 2021 at 2:20 PM Luke Chen wrote: > Hi Yingjie, > > However, I meet a problem. If I need to add, remove or renew the > certificate to Kafka’s truststore, Kafka requires a reboot which would > impact the service available for other teams. > > > So I want to know if there is a better way to support the change of > Kafka’s > certificate without impacting the service availability? > > Yes, Kafka supports dynamically updating broker's configuration. Please > check here: https://kafka.apache.org/documentation/#dynamicbrokerconfigs , > there's a section talking about "Updating SSL Truststore of an Existing > Listener", which should be what you're looking for. > > Good luck. > > Thank you. > Luke > > On Tue, Nov 23, 2021 at 1:12 PM yingjie zou wrote: > > > Hi, > > > > Currently, we are going to provide Kafka services to 20+ development > teams > > in my company, we’d like to provide that as multi-tenancy - the different > > team has different authentication. And we try to use the Kafka mTLS > > solution. > > > > However, I meet a problem. If I need to add, remove or renew the > > certificate to Kafka’s truststore, Kafka requires a reboot which would > > impact the service available for other teams. > > > > So I want to know if there is a better way to support the change of > Kafka’s > > certificate without impacting the service availability? > > > > Any help is appreciated. > > > > Thanks. > > Yingjie Zou > > >
Re: Kafka mTLS authentication
Hi Yingjie, > However, I meet a problem. If I need to add, remove or renew the certificate to Kafka’s truststore, Kafka requires a reboot which would impact the service available for other teams. > So I want to know if there is a better way to support the change of Kafka’s certificate without impacting the service availability? Yes, Kafka supports dynamically updating broker's configuration. Please check here: https://kafka.apache.org/documentation/#dynamicbrokerconfigs , there's a section talking about "Updating SSL Truststore of an Existing Listener", which should be what you're looking for. Good luck. Thank you. Luke On Tue, Nov 23, 2021 at 1:12 PM yingjie zou wrote: > Hi, > > Currently, we are going to provide Kafka services to 20+ development teams > in my company, we’d like to provide that as multi-tenancy - the different > team has different authentication. And we try to use the Kafka mTLS > solution. > > However, I meet a problem. If I need to add, remove or renew the > certificate to Kafka’s truststore, Kafka requires a reboot which would > impact the service available for other teams. > > So I want to know if there is a better way to support the change of Kafka’s > certificate without impacting the service availability? > > Any help is appreciated. > > Thanks. > Yingjie Zou >
Kafka mTLS authentication
Hi, Currently, we are going to provide Kafka services to 20+ development teams in my company, we’d like to provide that as multi-tenancy - the different team has different authentication. And we try to use the Kafka mTLS solution. However, I meet a problem. If I need to add, remove or renew the certificate to Kafka’s truststore, Kafka requires a reboot which would impact the service available for other teams. So I want to know if there is a better way to support the change of Kafka’s certificate without impacting the service availability? Any help is appreciated. Thanks. Yingjie Zou
Re: Kafka Custom Authentication & Authorization
Hi There We are also trying to do the same and we are trying to over ride PlainLoginModule as well. When I add a jar it is not identifying and loading the jar. If there is any examples which we can follow will be usefull. Any help is highly appreciated. Thanks in advanceArunkumar Pichaimuthu, PMP On Tuesday, November 14, 2017, 5:31:58 AM CST, 陈江枫wrote: You can implement your own authenticator, check SaslAuthenticator , and your own authorizer, check SimpleAuthorizer 2017-11-12 9:39 GMT+08:00 chidigam . : > Hi All, > To Authenticate & Authorize the producer and consumers, I want to > integrate with third party Entitlement manager. Is there reference > implementation ? > > Any link for doc or comments I appreciate. > > Regards > Bhanu >
Re: Kafka Custom Authentication & Authorization
You can implement your own authenticator, check SaslAuthenticator , and your own authorizer, check SimpleAuthorizer 2017-11-12 9:39 GMT+08:00 chidigam .: > Hi All, > To Authenticate & Authorize the producer and consumers, I want to > integrate with third party Entitlement manager. Is there reference > implementation ? > > Any link for doc or comments I appreciate. > > Regards > Bhanu >
Kafka Custom Authentication & Authorization
Hi All, To Authenticate & Authorize the producer and consumers, I want to integrate with third party Entitlement manager. Is there reference implementation ? Any link for doc or comments I appreciate. Regards Bhanu
Kafka TLS Authentication for brokers and clients (w/o Zookeeper Auth)
Hello, >From Kafka Documentation - I understand that Authentication and encryption can be enabled for inter-broker, broker-client exchanges. By exchanges, i mean data transfer-related activities. My questions are: 1) Is it common to have ONLY inter-broker and broker-client exchanges, but only plain transfer between zookeeper? in other words, is it common to only put authentication for brokers and clients, but not zookeepers. 2) If I also want to use authentication for zookeeper-zookeeper exchanges, is there any known performance issues I should be concerned about? I would be grateful if someone could provide a dummy example of having both implemented. I can see kafka online documentation which shows self-signing certificates and keystore usage for inter-broker and broker-client authentication, but I cannot see much mentioning of zookeeper to broker exchanges (may be i missed it). Kindest Regards, M. Manna
Re: KAFKA-1477 (authentication layer) and 0.8.2
Yes we are very much interested in getting this code merged to trunk. I can also do testing once it's available on trunk. Thanks, Raja. On Fri, Jul 25, 2014 at 12:11 PM, Joe Stein joe.st...@stealth.ly wrote: Hi Chris, glad to hear that even more folks are going to (want to) use the feature. I didn't author the patch (Raja and Ivan did) and created the fork so folks could test it without much fuss. I just commented on the ticket to address Jun's last comment and think it also answers your question too. I know folks are using this now and other folks are looking to use it out of the core project. As long as it has a way to cause no harm when it is off I believe it really adds to the value Kafka brings to a number of organizations that can't use Kafka just because of this one thing. I am looking forward to being able to commit it to trunk. /*** Joe Stein Founder, Principal Consultant Big Data Open Source Security LLC http://www.stealth.ly Twitter: @allthingshadoop http://www.twitter.com/allthingshadoop / On Fri, Jul 25, 2014 at 11:34 AM, Chris Neal cwn...@gmail.com wrote: Hi guys, This JIRA (https://issues.apache.org/jira/browse/KAFKA-1477) leads me to believe that an authentication layer implementation is planned as part of the 0.8.2 release. I was wondering if this is still the case? There was an earlier thread talking about security, but there hasn't been activity on it in awhile. I grabbed Joe's fork and it works, but I was wondering about it getting merged back into the official 0.8.2 codebase, or is this more likely something that will be in 0.9? Thanks! -- Thanks, Raja.
Re: Kafka and authentication
+1 for security branch We are willing to assist with the merge. On Wed, Apr 2, 2014 at 8:32 AM, Joe Stein joe.st...@stealth.ly wrote: Hi Raja, do you have an ICLA https://www.apache.org/licenses/icla.txt on file with Apache? One thought would be to branch a security branch at the commit you forked from. Then treat the rest of your commits as a contrib patch (requires vote). Then we could work on merging it into upstream and knock out some of the security items. Thoughts? /*** Joe Stein Founder, Principal Consultant Big Data Open Source Security LLC http://www.stealth.ly Twitter: @allthingshadoop http://www.twitter.com/allthingshadoop / On Mon, Mar 31, 2014 at 11:20 AM, Rajasekar Elango rela...@salesforce.comwrote: Hi Vijay, We implemented mutual ssl authentication in kafka for our internal use and we have plans to it contributed back to community. But we implemented SSL over older snapshot of version of kafka 0.8 release. We have been busy with other projects and haven't got chance to merge our ssl changes to latest version of kafka. If you are interested in looking at the changes we made this, its available in my github fork of apache kafka ( https://github.com/relango/kafka/tree/kafka_security) Thanks, Raja. On Fri, Mar 28, 2014 at 10:06 PM, Neha Narkhede neha.narkh...@gmail.com wrote: Hi Vijay, The document you pointed out has our initial thoughts on Kafka security. This work is still in design and discussion phase, no code has been written as such and we hope to pick it up in a couple months. However, if you have thoughts on how it should work and/or would like to contribute patches, we would be happy to collaborate with you. Thanks, Neha On Fri, Mar 28, 2014 at 4:05 PM, Vijay Ramachandran vramachand...@apple.com wrote: Hi All, I was googling around for info on securing kafka. The best document I could find was https://cwiki.apache.org/confluence/display/KAFKA/Security, which is kind of old. It is not clear if any steps were taken after this doc was put together. Looking at the features / bug fixes in kafka also does not paint a clear picture. Hence this set of questions : Is there a way to make kafka authenticate a producer sending messages / consumer reading messages ? Is there a way to make kafka authenticate itself to the ZooKeeper ensemble ? Any info will be deeply appreciated Thanks Vijay -- Thanks, Raja.
Re: Kafka and authentication
Hi Raja, do you have an ICLA https://www.apache.org/licenses/icla.txt on file with Apache? One thought would be to branch a security branch at the commit you forked from. Then treat the rest of your commits as a contrib patch (requires vote). Then we could work on merging it into upstream and knock out some of the security items. Thoughts? /*** Joe Stein Founder, Principal Consultant Big Data Open Source Security LLC http://www.stealth.ly Twitter: @allthingshadoop http://www.twitter.com/allthingshadoop / On Mon, Mar 31, 2014 at 11:20 AM, Rajasekar Elango rela...@salesforce.comwrote: Hi Vijay, We implemented mutual ssl authentication in kafka for our internal use and we have plans to it contributed back to community. But we implemented SSL over older snapshot of version of kafka 0.8 release. We have been busy with other projects and haven't got chance to merge our ssl changes to latest version of kafka. If you are interested in looking at the changes we made this, its available in my github fork of apache kafka ( https://github.com/relango/kafka/tree/kafka_security) Thanks, Raja. On Fri, Mar 28, 2014 at 10:06 PM, Neha Narkhede neha.narkh...@gmail.com wrote: Hi Vijay, The document you pointed out has our initial thoughts on Kafka security. This work is still in design and discussion phase, no code has been written as such and we hope to pick it up in a couple months. However, if you have thoughts on how it should work and/or would like to contribute patches, we would be happy to collaborate with you. Thanks, Neha On Fri, Mar 28, 2014 at 4:05 PM, Vijay Ramachandran vramachand...@apple.com wrote: Hi All, I was googling around for info on securing kafka. The best document I could find was https://cwiki.apache.org/confluence/display/KAFKA/Security, which is kind of old. It is not clear if any steps were taken after this doc was put together. Looking at the features / bug fixes in kafka also does not paint a clear picture. Hence this set of questions : Is there a way to make kafka authenticate a producer sending messages / consumer reading messages ? Is there a way to make kafka authenticate itself to the ZooKeeper ensemble ? Any info will be deeply appreciated Thanks Vijay -- Thanks, Raja.
Re: Kafka and authentication
Hi Vijay, We implemented mutual ssl authentication in kafka for our internal use and we have plans to it contributed back to community. But we implemented SSL over older snapshot of version of kafka 0.8 release. We have been busy with other projects and haven't got chance to merge our ssl changes to latest version of kafka. If you are interested in looking at the changes we made this, its available in my github fork of apache kafka ( https://github.com/relango/kafka/tree/kafka_security) Thanks, Raja. On Fri, Mar 28, 2014 at 10:06 PM, Neha Narkhede neha.narkh...@gmail.comwrote: Hi Vijay, The document you pointed out has our initial thoughts on Kafka security. This work is still in design and discussion phase, no code has been written as such and we hope to pick it up in a couple months. However, if you have thoughts on how it should work and/or would like to contribute patches, we would be happy to collaborate with you. Thanks, Neha On Fri, Mar 28, 2014 at 4:05 PM, Vijay Ramachandran vramachand...@apple.com wrote: Hi All, I was googling around for info on securing kafka. The best document I could find was https://cwiki.apache.org/confluence/display/KAFKA/Security, which is kind of old. It is not clear if any steps were taken after this doc was put together. Looking at the features / bug fixes in kafka also does not paint a clear picture. Hence this set of questions : Is there a way to make kafka authenticate a producer sending messages / consumer reading messages ? Is there a way to make kafka authenticate itself to the ZooKeeper ensemble ? Any info will be deeply appreciated Thanks Vijay -- Thanks, Raja.
Kafka and authentication
Hi All, I was googling around for info on securing kafka. The best document I could find was https://cwiki.apache.org/confluence/display/KAFKA/Security, which is “kind of old”. It is not clear if any steps were taken after this doc was put together. Looking at the features / bug fixes in kafka also does not paint a clear picture. Hence this set of questions : Is there a way to make kafka authenticate a producer sending messages / consumer reading messages ? Is there a way to make kafka authenticate itself to the ZooKeeper ensemble ? Any info will be deeply appreciated Thanks Vijay
Re: Kafka and authentication
Hi Vijay, The document you pointed out has our initial thoughts on Kafka security. This work is still in design and discussion phase, no code has been written as such and we hope to pick it up in a couple months. However, if you have thoughts on how it should work and/or would like to contribute patches, we would be happy to collaborate with you. Thanks, Neha On Fri, Mar 28, 2014 at 4:05 PM, Vijay Ramachandran vramachand...@apple.com wrote: Hi All, I was googling around for info on securing kafka. The best document I could find was https://cwiki.apache.org/confluence/display/KAFKA/Security, which is kind of old. It is not clear if any steps were taken after this doc was put together. Looking at the features / bug fixes in kafka also does not paint a clear picture. Hence this set of questions : Is there a way to make kafka authenticate a producer sending messages / consumer reading messages ? Is there a way to make kafka authenticate itself to the ZooKeeper ensemble ? Any info will be deeply appreciated Thanks Vijay