Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

sasl authentication . #23

Open
4 tasks done
joshypj opened this issue Dec 8, 2023 · 3 comments
Open
4 tasks done

sasl authentication . #23

joshypj opened this issue Dec 8, 2023 · 3 comments

Comments

@joshypj
Copy link

joshypj commented Dec 8, 2023

Issue submitter TODO list

  • I've looked up my issue in FAQ
  • I've searched for an already existing issues here (legacy) and here
  • I've tried installing latest charts and the issue still persists there
  • I'm running a supported version of the application & chart which is listed here

Describe the bug (actual behavior)

how to provide the sasl protocol and authentication at values.yaml file at helm chart level.?

yamlApplicationConfig:
{}

kafka:

clusters:

- name: yaml

bootstrapServers: kafka-service:9092

spring:

security:

oauth2:

auth:

type: disabled

management:

health:

ldap:

enabled: false

getting below error while trying to connect with a kafka cluster which uses sasl authentication

[2023-12-08 08:51:40,401] INFO [SocketServer listenerType=BROKER, nodeId=2] Failed authentication with /10.224.1.121 (channelId=10.224.1.221:9092-10.224.1.121:56258-290) (Unexpected Kafka request of type METADATA during SASL handshake.) (org.apache.kafka.common.network.Selector)

Expected behavior

tor)
[2023-12-08 08:51:40,401] INFO [SocketServer listenerType=BROKER, nodeId=2] Failed authentication with /10.224.1.121 (channelId=10.224.1.221:9092-10.224.1.121:56258-290) (Unexpected Kafka request of type METADATA during SASL handshake.) (org.apache.kafka.common.network.Selector)
[2023-12-08 08:51:41,206] INFO [SocketServer listenerType=BROKER, nodeId=2] Failed authentication with /10.224.1.121 (channelId=10.224.1.221:9092-10.224.1.121:56274-290) (Unexpected Kafka request of type METADATA during SASL handshake.)

Your installation details

option to accept ..
sasl_mechanism='PLAIN',
security_protocol='SASL_PLAINTEXT',
sasl_plain_username='username',
sasl_plain_password='password',

Steps to reproduce

used the latest kafka-ui helm chart

Screenshots

[2023-12-08 08:51:40,401] INFO [SocketServer listenerType=BROKER, nodeId=2] Failed authentication with /10.224.1.121 (channelId=10.224.1.221:9092-10.224.1.121:56258-290) (Unexpected Kafka request of type METADATA during SASL handshake.) (org.apache.kafka.common.network.Selector)
[2023-12-08 08:51:41,206] INFO [SocketServer listenerType=BROKER, nodeId=2] Failed authentication with /10.224.1.121 (channelId=10.224.1.221:9092-10.224.1.121:56274-290) (Unexpected Kafka request of type METADATA during SASL handshake.)

Logs

[2023-12-08 08:51:40,401] INFO [SocketServer listenerType=BROKER, nodeId=2] Failed authentication with /10.224.1.121 (channelId=10.224.1.221:9092-10.224.1.121:56258-290) (Unexpected Kafka request of type METADATA during SASL handshake.) (org.apache.kafka.common.network.Selector)
[2023-12-08 08:51:41,206] INFO [SocketServer listenerType=BROKER, nodeId=2] Failed authentication with /10.224.1.121 (channelId=10.224.1.221:9092-10.224.1.121:56274-290) (Unexpected Kafka request of type METADATA during SASL handshake.)

Additional context

connecting to existing kafka with sasl authentication

@angeloimm
Copy link

this is how I wrote my values.yaml:

   kafka:
     clusters:
       - name: "MyBrokerName"
         bootstrapServers: my_broker_url:9092
         properties:
           security.protocol: "SASL_PLAINTEXT"
           sasl.mechanism: "SCRAM-SHA-256"        
           sasl.jaas.config: "org.apache.kafka.common.security.scram.ScramLoginModule required username=\u0022MY_BROKER_USERNAME\u0022 password=\u0022MY_BROKER_PWD\u0022;"

@TheDukeDK
Copy link

What is the status of this? Is there some workaround to be able to connect to broker which requires SCRAM-SHA-512 authentication?

@TheDukeDK
Copy link

FYI: The below, redacted, configuration works for me. You can probably close this issue.

- name: delivery-test
        bootstrapServers: test-kafka-external-boostrap.example.com:9094,test-kafka-external-0.example.com:9094,test-kafka-external-1.example.com:9094,test-kafka-external-2.example.com:9094
        properties:
          security.protocol: SASL_SSL
          sasl.mechanism: SCRAM-SHA-512
          sasl.jaas.config: org.apache.kafka.common.security.scram.ScramLoginModule required username="USERNAME_HERE" password="PASSWORD_HERE";

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants