New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Kafka input sasl+ssl #7783
Comments
I am not too sure how this is supposed to work. But as far as I see the Kafka client used is still |
according to this https://issues.apache.org/jira/browse/KAFKA-3166 0.9.0.1 should have support for SASL_SSL, also if i check this in 0.9 branch of kafka https://github.com/apache/kafka/search?q=sasl_ssl&unscoped_q=sasl_ssl |
Ok I guess SASL_SSL is in some working form. But https://github.com/apache/kafka/blob/0.10.0/clients/src/main/java/org/apache/kafka/common/security/plain/PlainLoginModule.java does not exist in the |
Unfortunately we don't have the resources to look at this right now. |
PS: We are also considering to update the Kafka client, but I can't give you a time on that. |
@muralibasani and I were able to get it working setting the following properties:
I no longer am working on graylog at a production level so am not able actually troubleshoot/verify anything, but did have that configuration running for several months without issues. We were on kafka version 2.1.x. |
yes, we are also using it now with ssl but i want to use sasl_ssl |
Did some research on this:
The current client version used in Graylog is 0.9.0.1 and therefore only Kerberos authentication is supported. Due to this I cannot use the builtin Kafka client (at this moment we are using SCRAM). Is there any update when the client will be updated in Graylog? |
Expected Behavior
setting sasl+ssl parameters and connecting to kafka sasl+ssl listener
Current Behavior
it is failing withCaused by: org.apache.kafka.common.KafkaException: java.lang.IllegalArgumentException: You must pass java.security.auth.login.config in secure mode.
exception although sasl.jaas.config is supplied in config
Possible Solution
Steps to Reproduce (for bugs)
Context
trying to make sasl_ssl encrypted authenticated connection
Your Environment
using official docker-compose from documentation
i don't see any custom sasl properties, only kerberos, which i didn't set..., looks like ignoring sasl properties? in log output...
see:
The text was updated successfully, but these errors were encountered: