Hi,

I am exploring the security capabilities of Kafka 0.9.1 but am unable to
use them successfully.

I have set the configuration below in my server.properties:

*allow.everyone.if.no.acl.found=false*
*super.users=User:root;User:kafka*

I created an ACL using the command below:

*./kafka-acls.sh --authorizer-properties zookeeper.connect=<zk_host:port>
--add --allow-principal User:imit --allow-host <allowed_host> --topic imit
--producer --consumer --group imit-consumer-group*

and I see the response below for it:

*Current ACLs for resource `Topic:imit`:*
*        User:imit has Allow permission for operations: Describe from hosts: <allowed_host>*
*        User:imit has Allow permission for operations: Read from hosts: <allowed_host>*
*        User:imit has Allow permission for operations: Write from hosts: <allowed_host>*

*Note:* Values mentioned in <> are replaced with some dummy values in the
question and used correctly while creating the ACL

I have the following observations:

a) Though I defined the rule for the imit topic to allow access for a
particular user from a given host, I can still write to the topic from any
host using any user account.

b) I am unable to read messages from the topic from any host or any user
account (even using the one for which I have defined the rules).

I am running Kafka on RHEL 6.7 and all the users are local.

I would appreciate it if someone could tell me whether I am missing any
configuration parameters or commands to manage authorization, or whether
Kafka is behaving in a weird way.

Also, where can I get authorization-related logs in Kafka?


Thanks & Regards,

Sudeep
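
Added example, not part of the original message and not Kafka project code: a shell lint for two broker-side settings that Kafka 0.9 ACL enforcement depends on, run against a constructed server.properties holding only the two lines quoted in the post. The helper names `prop` and `check_acl_config` and the bit-mask return value are assumptions made for this example.

```shell
#!/bin/sh
# Added example. Lints a broker server.properties for two settings that
# Kafka 0.9 ACL enforcement depends on. Return value is a bit mask:
#   1 = no authorizer configured, 2 = a PLAINTEXT listener is in use.

# prop FILE KEY: print the last value assigned to KEY (empty if unset).
prop() {
    awk -v k="$2" '
        /^[ \t]*#/ { next }
        {
            i = index($0, "="); if (i == 0) next
            key = substr($0, 1, i - 1); val = substr($0, i + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", key)
            gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (key == k) v = val
        }
        END { print v }' "$1"
}

check_acl_config() {
    rc=0
    authorizer=$(prop "$1" authorizer.class.name)
    listeners=$(prop "$1" listeners | tr -d ' ')
    # Without an authorizer class the broker never consults ACLs, so
    # allow.everyone.if.no.acl.found and super.users have no effect.
    if [ -z "$authorizer" ]; then
        echo "FAIL: authorizer.class.name is not set"
        rc=$((rc + 1))
    fi
    # An unset listeners property falls back to a PLAINTEXT listener.
    # PLAINTEXT clients are unauthenticated: the broker sees User:ANONYMOUS,
    # so an ACL granted to a named user such as User:imit never matches.
    case ",${listeners:-PLAINTEXT://}" in
        *,PLAINTEXT://*)
            echo "WARN: PLAINTEXT listener, clients are User:ANONYMOUS"
            rc=$((rc + 2)) ;;
    esac
    return "$rc"
}

# Constructed sample: only the two settings quoted in the post.
sample=$(mktemp)
printf '%s\n' 'allow.everyone.if.no.acl.found=false' \
    'super.users=User:root;User:kafka' > "$sample"
check_acl_config "$sample" || echo "findings mask: $?"
rm -f "$sample"
```

A return value of 0 means an authorizer class is configured and no PLAINTEXT listener is exposed; it does not validate the ACLs themselves.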
