授予kafka和zookeeper sasl/plain服务器上的匿名用户访问权限

agyaoht7  于 2021-06-04  发布在  Kafka
关注(0)|答案(0)|浏览(1360)

我经营一个基本(1经纪人)Kafka( v2.3.0 )我的机器上的zookeeper示例有一个有效的sasl/明文身份验证机制,我正在尝试以匿名用户的身份使用topic。我正在使用这些配置:
服务器属性

broker.id=0
group.initial.rebalance.delay.ms=0
log.dirs=/tmp/kafka-logs
log.retention.check.interval.ms=300000
log.retention.hours=168
log.segment.bytes=1073741824
num.io.threads=8
num.network.threads=3
num.partitions=1
num.recovery.threads.per.data.dir=1
offsets.topic.replication.factor=1
socket.receive.buffer.bytes=102400
socket.request.max.bytes=104857600
socket.send.buffer.bytes=102400
transaction.state.log.min.isr=1
transaction.state.log.replication.factor=1
zookeeper.connect=localhost:2181
zookeeper.connection.timeout.ms=6000

security.inter.broker.protocol=SASL_PLAINTEXT
sasl.mechanism.inter.broker.protocol=PLAIN
sasl.enabled.mechanisms=PLAIN
authorizer.class.name=kafka.security.auth.SimpleAclAuthorizer
allow.everyone.if.no.acl.found=true
auto.create.topics.enable=false

listeners=SASL_PLAINTEXT://localhost:9092
advertised.listeners=SASL_PLAINTEXT://localhost:9092

advertised.host.name=localhost
delete.topic.enable=true
zookeeper.set.acl=true
super.users=User:admin

zookeeper.properties属性

dataDir=/tmp/zookeeper0607
clientPort=2181
maxClientCnxns=0

authProvider.1=org.apache.zookeeper.server.auth.SASLAuthenticationProvider
requireClientAuthScheme=sasl
jaasLoginRenew=3600000

消费者财产

bootstrap.servers=localhost:9092
group.id=test-consumer-group

我已使用以下命令授予用户匿名权限: bin/kafka-acls.sh --authorizer-properties zookeeper.connect=localhost:2181 --add --allow-principal User:ANONYMOUS --consumer --group '*' --topic 'test' 但是,当我尝试使用(或生成)运行kafka consumer脚本的主题测试时,它返回以下错误:

[2020-07-06 15:36:37,525] WARN [Consumer clientId=consumer-1, groupId=test-consumer-group] Bootstrap broker localhost:9092 (id: -1 rack: null) disconnected (org.apache.kafka.clients.NetworkClient)

Kafka服务器日志:

[2020-07-06 15:36:39,784] INFO [SocketServer brokerId=0] Failed authentication with /127.0.0.1 (Unexpected Kafka request of type METADATA during SASL handshake.) (org.apache.kafka.common.network.Selector)

如果我尝试使用authenticated和authorized(使用与上面相同的kafka acl命令)user来使用相同的主题,那么一切都正常。

Javaapache-kafkaACLapache-zookeeperkafka-consumer-api

暂无答案!

目前还没有任何答案,快来回答吧!

我来回答

相关问题

    查看更多

    热门标签

    更多
    JavaquerypythonNode开发语言requestUtil数据库Table后端算法LoggerMessageElementParser

    最新问答

    更多
    • 蜀ICP备2022004421号-2 NULL123 https://www.null123.com © All rights reserved
    • 本站内容来源互联网,如果侵犯您的权益请联系我们删除, 联系方式:448109455@qq.com