RE: Java API for kafka-acls.sh

Fri, 01 Apr 2016 07:15:11 -0700 

Hi Gerard,



I am using kerberised environment.



By providing below jass file:



KafkaClient {

com.sun.security.auth.module.Krb5LoginModule required

doNotPrompt=true

useTicketCache=true

principal="[email protected]"

useKeyTab=true

serviceName="kafka"

keyTab="/etc/security/keytabs/ctadmin.keytab"

client=true;

};

Client {

   com.sun.security.auth.module.Krb5LoginModule required

   useKeyTab=true

   keyTab="/etc/security/keytabs/ctadmin.keytab"

   storeKey=true

   useTicketCache=true

   serviceName="zookeeper"

   principal="[email protected]";

};



I can create kafka topic through java application.



Problem is, in same application when I tried to give acl, it throws zookeeper 
keeper exception.



String[] cmdPArm = {"--add", "--allow-principals", "user:ctadmin", 
"--operation", "ALL","--topic", topicName ,"--authorizer-properties", 
"zookeeper.connect={hostname}:2181 "};

AclCommand.main(cmdPArm);



Same code if I ran as a kafka user, by providing kafka own jass file it run 
properly.



Now I am not getting what mistake I am doing.

Because if there is, any  mistake in jass file then it should not allow me to 
create topic also, but it’s getting created.



Is there any debug steps, to crack this, or someone has face this issue.



Thanks,

------------------------------------------------

Kalpesh Jadhav

Sr. Software Engineer | Development







-----Original Message-----
From: Gerard Klijs [mailto:[email protected]]
Sent: Thursday, March 31, 2016 9:30 PM
To: [email protected]
Subject: Re: Java API for kafka-acls.sh



You could check what it does, and do that instead of relying in the script.

It runs the kafka.admin.AclCommand class with some properties, and sets some 
jvm settings.



On Thu, Mar 31, 2016 at 4:36 PM Kalpesh Jadhav < 
[email protected]<mailto:[email protected]>> wrote:



> Hi,

>

> Is there any java api available to give access to kafka topic??

>

> As we does through kafka-acls.sh.

> Just wanted to run below command through java api.

>

> kafka-acls.sh --add --allow-principals user:ctadmin --operation ALL

> --topic marchTesting --authorizer-properties

> zookeeper.connect={hostname}:2181

>

> ------------------------------------------------

> Kalpesh Jadhav

> Sr. Software Engineer | Development

> CitiusTech Inc.

> www.citiustech.com<http://www.citiustech.com<http://www.citiustech.com%3chttp:/www.citiustech.com>>

>

>

>

>

>

>

>

>

Reply via email to