Uploaded image for project: 'Kafka'
  1. Kafka
  2. KAFKA-8552

Use SASL authentication in ConfigCommand for connection to zookeeper

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Open
    • Minor
    • Resolution: Unresolved
    • 2.2.1
    • None
    • zkclient
    • None

    Description

      Currently we are using the kafka-configs script to create SCRAM users in zookeeper. I execute the following command on the machine:

      ./kafka-configs --zookeeper ip-adres:2181 --alter --add-config 'SCRAM-SHA-256=[password=password]' --entity-type users --entity-name user123

      I would like to create users dynamically via a Java api. Since it is not possible to create SCRAM users via the KafkaAdminApi (please confirm?), I am now using the Kafka Scala class 'AdminZkClient' to create users the same as way as the ConfigCommand currently does. It looks like the AdminZkClient doesn't provide a way to authenticate against zookeeper using SASL. I'm currently connecting to zookeeper without authentication and this is a security issue. Is it possible to connect with the AdminZkClient with SASL authentication?

      I'm aware of issue KAFKA-5722 which is an improvement to use the AdminClient in the ConfigCommand class so this issue might be a duplicate but I would like to know if it is possible to authenticate using SASL with the AdminZkClient.

      Thanks!

       

      Attachments

        1. image.png
          3 kB
          Liu
        2. image (1).png
          4 kB
          Liu

        Activity

          People

            Unassigned Unassigned
            lansb Tim Lansbergen
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated: