Hi,
I'm new on security in Apache Kafka. I have Apache Kafka (v. 2.13-3.0.0) installed on a remote Ubuntu server. I need to secure the communications with producer-kafka broker and kafka broker-consumer. I try to follow the tutorial on Kafka documentation: https://kafka.apache.org/documentation/#security_overview and this tutorial which is more detailed: https://medium.com/egen/securing-kafka-cluster-using-sasl-acl-and-ssl-dec15b 439f9d but when I try to restart kafka server with the commands: export KAFKA_OPTS=-Djava.security.auth.login.config=/home/kafka/Downloads/kafka_2.1 3-3.0.0/config/kafka_server_jaas.conf ./bin/kafka-server-start.sh ./config/server.properties I receive the error: kafka@kafka2:~/Downloads/kafka_2.13-3.0.0$ <mailto:kafka@kafka2:~/Downloads/kafka_2.13-3.0.0$> sudo ./bin/kafka-server-start.sh ./config/server.properties [2021-11-12 11:45:46,995] INFO Registered kafka:type=kafka.Log4jController MBean (kafka.utils.Log4jControllerRegistration$) [2021-11-12 11:45:47,183] INFO Setting -D jdk.tls.rejectClientInitiatedRenegotiation=true to disable client-initiated TLS renegotiation (org.apache.zookeeper.common.X509Util) [2021-11-12 11:45:47,192] ERROR Exiting Kafka due to fatal exception (kafka.Kafka$) java.lang.ClassNotFoundException: kafka.security.auth.SimpleAclAuthorizer at java.base/jdk.internal.loader.BuiltinClassLoader.loadClass(BuiltinClassLoade r.java:606) at java.base/jdk.internal.loader.ClassLoaders$AppClassLoader.loadClass(ClassLoa ders.java:168) at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:522) at java.base/java.lang.Class.forName0(Native Method) at java.base/java.lang.Class.forName(Class.java:468) at org.apache.kafka.common.utils.Utils.loadClass(Utils.java:417) at org.apache.kafka.common.utils.Utils.newInstance(Utils.java:406) at kafka.security.authorizer.AuthorizerUtils$.createAuthorizer(AuthorizerUtils. scala:31) at kafka.server.KafkaConfig.<init>(KafkaConfig.scala:1583) at kafka.server.KafkaConfig.<init>(KafkaConfig.scala:1394) at kafka.Kafka$.buildServer(Kafka.scala:67) at kafka.Kafka$.main(Kafka.scala:87) at kafka.Kafka.main(Kafka.scala) It seems the class SimpleAclAuthorizer is not found. Can it be to a wrong configuration? These are my SSL configs in the file server.properties: ########### SECURITY using SCRAM-SHA-512 and SSL ################### listeners=PLAINTEXT://localhost:9092,SASL_PLAINTEXT://localhost:9093,SASL_SS L://localhost:9094 advertised.listeners=PLAINTEXT://localhost:9092,SASL_PLAINTEXT://localhost:9 093,SASL_SSL://localhost:9094 security.inter.broker.protocol=SASL_SSL ssl.endpoint.identification.algorithm= ssl.client.auth=required sasl.mechanism.inter.broker.protocol=SCRAM-SHA-512 sasl.enabled.mechanisms=SCRAM-SHA-512 # Broker security settings ssl.truststore.location=/home/kafka/Downloads/kafka_2.13-3.0.0/config/trusts tore/kafka.truststore.jks ssl.truststore.password=giuseppe ssl.keystore.location=/home/kafka/Downloads/kafka_2.13-3.0.0/config/keystore /kafka.keystore.jks ssl.keystore.password=giuseppe ssl.key.password=giuseppe # ACLs authorizer.class.name=kafka.security.auth.SimpleAclAuthorizer super.users=User:admin #zookeeper SASL zookeeper.set.acl=false ########### SECURITY using SCRAM-SHA-512 and SSL ################### Any help is appreciated. Thanks. PhD Giuseppe Ricci R&D Senior Software Developer Sysman Progetti & Servizi S.r.l. <https://eur04.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.sys-ma n.it%2F&data=02%7C01%7Cdaniele.verardi%40angelcompany.com%7C82656c3d0932496c c0d408d86abc2751%7Cc187ee014e4e40c8b342f82c8d699421%7C0%7C0%7C63737670364758 9425&sdata=A1KwJWF8PrbDASmFQ92NPgMtQV2c0ciHWfYqt4PujQM%3D&reserved=0> http://www.sys-man.it e-mail: <mailto:ri...@sys-man.it> ri...@sys-man.it -- Questa email รจ stata esaminata alla ricerca di virus da AVG. http://www.avg.com
