-
Notifications
You must be signed in to change notification settings - Fork 2
/
KafkaDelegationTokenExample.java
169 lines (147 loc) · 6.68 KB
/
KafkaDelegationTokenExample.java
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
import com.google.common.io.Resources;
import org.apache.kafka.clients.CommonClientConfigs;
import org.apache.kafka.clients.admin.AdminClient;
import org.apache.kafka.clients.admin.CreateDelegationTokenOptions;
import org.apache.kafka.clients.admin.CreateDelegationTokenResult;
import org.apache.kafka.clients.consumer.ConsumerRecord;
import org.apache.kafka.clients.consumer.ConsumerRecords;
import org.apache.kafka.clients.consumer.KafkaConsumer;
import org.apache.kafka.clients.producer.KafkaProducer;
import org.apache.kafka.clients.producer.ProducerRecord;
import org.apache.kafka.common.config.SaslConfigs;
import org.apache.kafka.common.security.token.delegation.DelegationToken;
import java.io.IOException;
import java.io.InputStream;
import java.util.Arrays;
import java.util.Properties;
import java.util.Random;
/*
* how to run:
* java -Djava.security.krb5.conf="/tmp/krb.conf" -cp <>.jar KafkaDelegationTokenExample "hostname:9092" "/tmp/my.client.keytab" "kafka/_HOST@REALM" kafkatopic
*/
public class KafkaDelegationTokenExample {
public static void main(String[] args) throws Exception {
if(args.length<1){
System.out.println("usage : java -cp <>.jar Broker-list keytab-loc client-principal topic ");
System.exit(-1);
}
// obtain the delegation token and set it to the ScramLoginModule jaas config
String jaasTemplate = "org.apache.kafka.common.security.scram.ScramLoginModule required tokenauth=true username=\"%s\" password=\"%s\";";
DelegationToken dt = getToken(args);
String jaasCfg = String.format(jaasTemplate, dt.tokenInfo().tokenId(), dt.hmacAsBase64String());
System.out.println("Kafka Client Jaas succefully generated at :"+jaasCfg);
//Run Kafka clients in seperate threads
Thread consumerThread = new Thread(new ConsumerThread(args[3],jaasCfg),"consumer-thread");
Thread producerThread = new Thread(new ProducerThread(args[3],jaasCfg),"producer-thread");
consumerThread.start();
producerThread.start();
consumerThread.join();
producerThread.join();
}
private static DelegationToken getToken(String[] args) throws InterruptedException, java.util.concurrent.ExecutionException {
String jaasTemplate = "com.sun.security.auth.module.Krb5LoginModule required debug=true useKeyTab=true storeKey=true serviceName=\"kafka\" keyTab=\"%s\" principal=\"%s\";";
String jaasCfg = String.format(jaasTemplate, args[1], args[2]);
System.out.println("Creating AdminClient with jass config : "+jaasCfg);
Properties adminClientProp = new Properties();
adminClientProp.put(CommonClientConfigs.BOOTSTRAP_SERVERS_CONFIG,args[0]);
adminClientProp.put(CommonClientConfigs.SECURITY_PROTOCOL_CONFIG,"SASL_PLAINTEXT");
adminClientProp.put(SaslConfigs.SASL_JAAS_CONFIG,jaasCfg);
AdminClient adminClient = AdminClient.create(adminClientProp);
System.out.println("Creating token");
CreateDelegationTokenOptions createDelegationTokenOptions = new CreateDelegationTokenOptions();
CreateDelegationTokenResult createDelegationTokenResult = adminClient.createDelegationToken(createDelegationTokenOptions);
DelegationToken dt = createDelegationTokenResult.delegationToken().get();
System.out.println("Got dt : "+dt);
return dt;
}
}
class ConsumerThread implements Runnable {
private KafkaConsumer<String, String> consumer;
private String topicName;
private String jaasConfig;
public ConsumerThread(String topicName,String jassConfig){
this.topicName = topicName;
this.jaasConfig = jassConfig;
init();
}
private void init() {
try
{
InputStream props = Resources.getResource("consumer.props").openStream();
Properties properties = new Properties();
try {
properties.load(props);
} catch (IOException e) {
e.printStackTrace();
}
if (properties.getProperty("group.id") == null) {
properties.setProperty("group.id", "group-" + new Random().nextInt(100000));
}
properties.put(CommonClientConfigs.SECURITY_PROTOCOL_CONFIG, "SASL_PLAINTEXT");
properties.put(SaslConfigs.SASL_KERBEROS_SERVICE_NAME, "kafka");
properties.put(SaslConfigs.SASL_MECHANISM, "SCRAM-SHA-256");
properties.put(SaslConfigs.SASL_JAAS_CONFIG,this.jaasConfig);
consumer = new KafkaConsumer<String, String>(properties);
consumer.subscribe(Arrays.asList(topicName));
} catch (Exception e) {
e.printStackTrace();
}
}
@Override
public void run() {
try {
while (true) {
ConsumerRecords<String, String> records = consumer.poll(100);
for (ConsumerRecord<String, String> record : records) {
System.out.printf("offset = %d, key = %s, value = %s", record.offset(), record.key(), record.value());
System.out.println("\n");
}
}
} catch (Exception e) {
e.printStackTrace();
} finally {
consumer.close();
}
}
}
class ProducerThread implements Runnable {
private String topicName;
private String jaasConf;
private KafkaProducer<String, String> producer;
public ProducerThread(String topicName,String jaasConf) {
this.jaasConf = jaasConf;
this.topicName = topicName;
init();
}
private void init() {
try {
InputStream props = Resources.getResource("producer.props").openStream();
Properties properties = new Properties();
properties.load(props);
properties.put(CommonClientConfigs.SECURITY_PROTOCOL_CONFIG, "SASL_PLAINTEXT");
properties.put(SaslConfigs.SASL_KERBEROS_SERVICE_NAME, "kafka");
properties.put(SaslConfigs.SASL_MECHANISM, "SCRAM-SHA-256");
properties.put(SaslConfigs.SASL_JAAS_CONFIG,this.jaasConf);
producer = new KafkaProducer<>(properties);
} catch (Exception e) {
e.printStackTrace();
}
}
@Override
public void run() {
try {
int i=0;
while (true) {
ProducerRecord<String, String> record = new ProducerRecord<String, String>(topicName,"key-"+i,"value-"+i);
System.out.println(record);
producer.send(record);
i++;
Thread.sleep(1000);
}
} catch (Throwable throwable) {
System.out.printf("%s", throwable.getStackTrace());
} finally {
producer.close();
}
}
}