Clients may configure JAAS using the client configuration property sasl.jaas.config or using the static JAAS config file similar to brokers.JAAS configuration using client configuration property

      1. Clients may specify JAAS configuration as a producer or consumer property without creating a physical configuration file. This mode also enables different producers and consumers within the same JVM to use different credentials by specifying different properties for each client. If both static JAAS configuration system property java.security.auth.login.config and client property sasl.jaas.config are specified, the client property will be used.

        See GSSAPI (Kerberos)PLAINSCRAM or OAUTHBEARER for example configurations.

      2. JAAS configuration using static config file

        To configure SASL authentication on the clients using static JAAS config file:

        1. Add a JAAS config file with a client login section named KafkaClient. Configure a login module in KafkaClient for the selected mechanism as described in the examples for setting up GSSAPI (Kerberos)PLAINSCRAM or OAUTHBEARER. For example, GSSAPI credentials may be configured as:

          1
          2
          3
          4
          5
          6
          7
              KafkaClient {
              com.sun.security.auth.module.Krb5LoginModule required
              useKeyTab=true
              storeKey=true
              keyTab="/etc/security/keytabs/kafka_client.keytab"
              principal="kafka-client-1@EXAMPLE.COM";
          };
        2. Pass the JAAS config file location as JVM parameter to each client JVM. For example:
          1
          -Djava.security.auth.login.config=/etc/kafka/kafka_client_jaas.conf

JAAS configuration for Kafka clients的更多相关文章

  1. 处理 Could not find a 'KafkaClient' entry in the JAAS configuration. System property 'java.security.auth.login.config' is

    场景 某监控进程需要访问多个集群的Kafka INFO - org.apache.kafka.common.KafkaException: Failed to construct kafka cons ...

  2. CDH下集成spark2.2.0与kafka(四十一):在spark+kafka流处理程序中抛出错误java.lang.NoSuchMethodError: org.apache.kafka.clients.consumer.KafkaConsumer.subscribe(Ljava/util/Collection;)V

    错误信息 19/01/15 19:36:40 WARN consumer.ConsumerConfig: The configuration max.poll.records = 1 was supp ...

  3. Error when sending message to topic test with key: null, value: 2 bytes with error: (org.apache.kafka.clients.producer.internals.ErrorLoggingCallback)

    windows下使用kafka遇到这个问题: Error when sending message to topic test with key: null, value: 2 bytes with ...

  4. 11:57:24 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-2, groupId=jiatian_api] 3 partitions have leader……

    错误如下: 11:57:24 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] WARN  o.apache.kaf ...

  5. Kafka遇到30042ms has passed since batch creation plus linger time at org.apache.kafka.clients.producer.internals.FutureRecordMetadata.valueOrError(FutureRecordMetadata.java:94)

    问题描述: 运行生产者线程的时候显示如下错误信息: Expiring 1 record(s) for XXX-0: 30042 ms has passed since batch creation p ...

  6. object not serializable (class: org.apache.kafka.clients.consumer.ConsumerRecord)

    3. object not serializable (class: org.apache.kafka.clients.consumer.ConsumerRecord)   val stream = ...

  7. 报错:Connection to node -1 could not be established. Broker may not be available. (org.apache.kafka.clients.NetworkClient)

    报错背景: 启动kafka消费者之后出现这种报错,持续打印相同信息. 报错现象: [root@master kafka_2.-]# /opt/kafka/kafka_2.-/bin/kafka-con ...

  8. java.io.NotSerializableException: org.apache.kafka.clients.consumer.ConsumerRecord

    kafka 与spark集成 序列化问题 sparkConf.set("spark.serializer", "org.apache.spark.serializer.K ...

  9. 【原创】大叔问题定位分享(9)oozie提交spark任务报 java.lang.NoClassDefFoundError: org/apache/kafka/clients/producer/KafkaProducer

    oozie中支持很多的action类型,比如spark.hive,对应的标签为: <spark xmlns="uri:oozie:spark-action:0.1"> ...

随机推荐

  1. 【前端_React】Node.js和webpack的安装

    第一步——安装Node.js 首先要安装Node.js,Node.js自带了软件包管理工具npm,可以使用npm安装各种插件.Node.js的下载地址 可以自定义安装到指定的路径下,待安装完成后命令行 ...

  2. 开放API接口安全处理!

    目录 概念 加密 MD5 Token 开放api参数 重复提交,恶意调用 日志 验证码 开放API接口安全处理! 参考文献: 公钥,私钥和数字签名这样最好理解 (转载) 概念 存在问题: 数据窃取 数 ...

  3. Nginx 高级配置-第三方模块编译

    Nginx 高级配置-第三方模块编译 作者:尹正杰 版权声明:原创作品,谢绝转载!否则将追究法律责任. 第三模块是对nginx 的功能扩展,第三方模块需要在编译安装Nginx 的时候使用参数--add ...

  4. Peekaboo(2019年上海网络赛K题+圆上整点)

    目录 题目链接 题意 思路 代码 题目链接 传送门 题意 你的位置在\(O(0,0)\),\(A\)的位置为\((x_1,y_1)\),\(B\)的位置为\((x_2,y_2)\),现在已知\(a=O ...

  5. HDU3507:Print Article(斜率优化dp)

    传送门 题意: 现有\(n\)个数,每个数的值为\(a_i\),现在可以把数划分为多段,每一段的代价为\((\sum_{k=i}^{j}c_i)^2+M\). 问怎么划分,代价最小. 思路: 考虑dp ...

  6. Java 中的各种锁

    table th:first-of-type { width: 100px; } 锁的类型 锁的实现 乐观锁 在数据库中可以使用version版本号去实现:在Java中是使用CAS(Compare A ...

  7. reduce方法和reduceRight方法

    什么是reduce方法? 先来看一下用用法: var arr = [1, 2, 3, 4] var sum = (a, b) => a + b arr.reduce(sum, 0) 由上面代码可 ...

  8. 题解 P4305 【[JLOI2011]不重复数字】

    来一波用vector的最短代码题解 P4305 [JLOI2011]不重复数字 关于hash表的部分大家可以看一看其他的题解,我就不说了 不定长数组vector的几个基本用法: 定义: vector& ...

  9. DCI学习链接及文章

    https://www.jianshu.com/u/c1b1137d5886 李永顺 https://www.jianshu.com/users/7386692d5489/timeline 袁英杰 小 ...

  10. Debian9 安装软件汇总

    dpkg dpkg -i 安装本地安装包 echo 'pkgname newstat' | dpkg --set-selections 修改软件包安装状态 newstat install,deinst ...