'No Authorizer is configured' error when adding ACL (listing ACL is OK)

Wed, 30 Aug 2023 02:10:59 -0700 

Hi all,

Maybe a bug... but I'm facing an issue when trying to add a Kafka ACL
(Kafka is confluent version 7.5.0-ccs).

First, I can list ACLs  (so that's why I think my client and broker
configuration is ok).
Result is empty, cause I have no ACLs:

$ kafka-acls --bootstrap-server broker01:9093 --command-config
/etc/kafka/client-ssl.properties --list

Here is the /etc/kafka/client-ssl.properties:

sasl.mechanism=PLAIN
security.protocol=SASL_SSL
ssl.truststore.type=PEM
ssl.truststore.location=/etc/kafka/ssl/truststore.pem
sasl.jaas.config=org.apache.kafka.common.security.plain.PlainLoginModule
required \
  username="admin" \
  password="xxxxxxxx";


When adding the first ACL, I get the following exception:

kafka-acls --bootstrap-server broker01:9093 --command-config
/etc/kafka/client-ssl.properties --add --allow-principal "User:test"
--topic "test" --operation Read
Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=test,
patternType=LITERAL)`:
        (principal=User:test, host=*, operation=READ, permissionType=ALLOW)

Error while executing ACL command:
org.apache.kafka.common.errors.SecurityDisabledException: No Authorizer is
configured.
java.util.concurrent.ExecutionException:
org.apache.kafka.common.errors.SecurityDisabledException: No Authorizer is
configured.
        at
java.base/java.util.concurrent.CompletableFuture.reportGet(CompletableFuture.java:396)
        at
java.base/java.util.concurrent.CompletableFuture.get(CompletableFuture.java:2073)
        at
org.apache.kafka.common.internals.KafkaFutureImpl.get(KafkaFutureImpl.java:165)
        at
kafka.admin.AclCommand$AdminClientService.$anonfun$addAcls$3(AclCommand.scala:115)
        at scala.collection.IterableOnceOps.foreach(IterableOnce.scala:575)
        at scala.collection.IterableOnceOps.foreach$(IterableOnce.scala:573)
        at scala.collection.AbstractIterable.foreach(Iterable.scala:933)
        at
scala.collection.IterableOps$WithFilter.foreach(Iterable.scala:903)
        at
kafka.admin.AclCommand$AdminClientService.$anonfun$addAcls$1(AclCommand.scala:112)
        at
kafka.admin.AclCommand$AdminClientService.addAcls(AclCommand.scala:111)
        at kafka.admin.AclCommand$.main(AclCommand.scala:73)
        at kafka.admin.AclCommand.main(AclCommand.scala)
Caused by: org.apache.kafka.common.errors.SecurityDisabledException: No
Authorizer is configured.


If anyone can help.
Thanks !

Reply via email to