Wow, good catch. I am using the HDP distribution and when I looked at the
config for the kafka, the super user is set as `user:kafka`. I think this
deserves a explicit mention in the docs about using the upper case "User".
Thanks for the help. Now I am unblocked on this issue, am getting a
PrincipalType string "User" is case sensitive. Try creating acls for
"User:storm-mytestcluster" principal.
On Sat, Sep 29, 2018 at 9:04 PM Bala wrote:
> Yes, I followed all the docs and thing is it's connecting as expected and
> sending the right user to the server. The problem is that when I
Yes, I followed all the docs and thing is it's connecting as expected and
sending the right user to the server. The problem is that when I list ACL's I
am seeing that the user has all the access. But when the producer trying to
connect to the server, the server is logging message saying that
Your produce needs to have Write access to the topic. But as you mentioned
All should cover Write. Which version of Kafka are you using?
FYI, more authn/authz information can be found here for some of the common
client operations:
Producer using the Java API. I did configure the jaas config as per docs. It
looks like is working and the authentication is succeeded but the authorization
is not honoring the ACL
On Friday, September 28, 2018, 11:56:24 AM EDT, Vahid Hashemian
wrote:
Hi Bala,
What operation/command
Hi Bala,
What operation/command are you trying that gives you this error?
--Vahid
On Fri, Sep 28, 2018 at 7:12 AM Bala wrote:
> I have a kafka with kerberos security and trying to use the ACL and am not
> able to make it work.
>
> Here is the error I am seeing in the server log.[2018-09-28
I have a kafka with kerberos security and trying to use the ACL and am not able
to make it work.
Here is the error I am seeing in the server log.[2018-09-28 14:06:54,152] INFO
Principal = User:storm-mytestcluster is Denied Operation = Describe from host =
on resource = Topic:icd_alpha
