Kafka UI akhq基本用户身份验证不起作用

ffscu2ro  于 2023-08-02  发布在  Apache
关注(0)|答案(1)|浏览(130)

我使用akhq来监控kafka-cluster,但是我用于akhq的yml配置文件不支持basic-authentication标签。我已经共享异常如下当我记录的用户界面也是我的配置文件akhq。Akhq版本是0.23.0 Kafka版本2.6.0。

2023-07-28 14:48:00,669 ERROR r-thread-2 o.a.c.ErrorController      Unprocessed Continuation 
Reference(s)
javax.naming.PartialResultException: Unprocessed Continuation Reference(s)
    at java.naming/com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2918)
    at java.naming/com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2892)
    at java.naming/com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1846)
    at java.naming/com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1769)
    at java.naming/com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1786)
    at java.naming/com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:418)
    at java.naming/com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:396)
    at java.naming/com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:378)
    at java.naming/javax.naming.directory.InitialDirContext.search(InitialDirContext.java:286)
    at io.micronaut.security.ldap.context.DefaultLdapSearchService.search(DefaultLdapSearchService.java:55)
    at io.micronaut.security.ldap.context.DefaultLdapSearchService.searchFirst(DefaultLdapSearchService.java:40)
    at io.micronaut.security.ldap.LdapAuthenticationProvider.lambda$authenticate$2(LdapAuthenticationProvider.java:111)
    at reactor.core.publisher.FluxCreate.subscribe(FluxCreate.java:95)
    at reactor.core.publisher.InternalFluxOperator.subscribe(InternalFluxOperator.java:62)
    at reactor.core.publisher.FluxSubscribeOn$SubscribeOnSubscriber.run(FluxSubscribeOn.java:194)
    at io.micronaut.reactive.reactor.instrument.ReactorInstrumentation.lambda$init$0(ReactorInstrumentation.java:62)
    at reactor.core.scheduler.WorkerTask.call(WorkerTask.java:84)
    at reactor.core.scheduler.WorkerTask.call(WorkerTask.java:37)
    at io.micrometer.core.instrument.composite.CompositeTimer.recordCallable(CompositeTimer.java:77)
    at io.micrometer.core.instrument.Timer.lambda$wrap$1(Timer.java:162)
    at io.micronaut.scheduling.instrument.InvocationInstrumenterWrappedCallable.call(InvocationInstrumenterWrappedCallable.java:53)
    at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
    at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
    at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
    at java.base/java.lang.Thread.run(Thread.java:834)
2023-07-28 14:48:00,675 WARN  r-thread-4 org.akhq.log.access        [Date: 2023-07-28T14:48:] [Duration: 506 ms] [Url: POST /login] [Status: 500] [Ip:] [User: Anonymous]

字符串
这里还有我的application-dev.yml文件,如下所示。

micronaut:
  server:
    port: 8443
    cors:
      enabled: true
      configurations:
        all:
          allowedOrigins:
            - http://localhost:9080
  security:
    enabled: true
    ldap:
      default:
        enabled: true
        context:
          server: 'ldap://**.local:389'
          managerDn: 'cn=**,ou=Service_User,dc=**,dc=local'
          managerPassword: '**'
        search:
          base: "dc=**,dc=local"
        groups:
          enabled: true
          base: "dc=**,dc=local"
akhq:
  connections:
    local:
      properties:
        bootstrap.servers: "localhost:9092"
      schema-registry:
        url: "http://schema-registry:8085"
      connect:
        - name: "connect"
          url: "http://localhost:8083"
  security:
    groups:
      admin: # unique key
        name: admin # Group name
        roles:  # roles for the group
          - topic/read
          - topic/insert
          - topic/delete
          - topic/config/update
          - node/read
          - node/config/update
          - topic/data/read
          - topic/data/insert
          - topic/data/delete
          - group/read
          - group/delete
          - group/offsets/update
          - registry/read
          - registry/insert
          - registry/update
          - registry/delete
          - registry/version/delete
          - acls/read
          - connect/read
          - connect/insert
          - connect/update
          - connect/delete
          - connect/state/update
        attributes:
          # Regexp list to filter topic available for group
          topics-filter-regexp:
            - "test.*"
          # Regexp list to filter connect configs visible for group
          connects-filter-regexp:
            - "^test.*$"
          # Regexp list to filter consumer groups visible for group
          consumer-groups-filter-regexp:
            - "consumer.*"
      topic-reader: # unique key
        name: topic-reader # Other group
        roles:
          - topic/read
        attributes:
          topics-filter-regexp:
            - "test\\.reader.*"
    basic-auth:
      - username: admin
        password: 2548d15a37248ed962ced56f49d4cfe3cf072aee0a2a0483b67abbb2f9c01188
        groups:
          - admin

    ldap:
      default-group: topic-reader
      groups:
        - name: group-ldap-1
          groups: # Akhq groups list
            - topic-reader-dev
        - name: group-ldap-2
          groups:
            - admin

cgyqldqp

cgyqldqp1#

重建配置文件以及下面,它工作.

micronaut:
  security:
    enabled: true
  server:
    port: 8443
    cors:
      enabled: true
      configurations:
        all:
          allowedOrigins:
            - http://localhost:3000

akhq:
  connections:
    kafka-switch:
      properties:
        bootstrap.servers: "server_ips"
      schema-registry:
        url: "http://server_ip:port"
      connect:
        - name: "connect"
          url: "http://server_ip:port"
  security:
    default-group: 
      - no-roles # Default groups for all the user even unlogged user
    # Groups definition
    groups:
      admin: # unique key
        name: admin # Group name
        roles:  # roles for the group
          - topic/read
          - topic/insert
          - topic/delete
          - topic/config/update
          - node/read
          - node/config/update
          - topic/data/read
          - topic/data/insert
          - topic/data/delete
          - group/read
          - group/delete
          - group/offsets/update
          - registry/read
          - registry/insert
          - registry/update
          - registry/delete
          - registry/version/delete
          - acls/read
          - connect/read
          - connect/insert
          - connect/update
          - connect/delete
          - connect/state/update
    # Basic auth configuration
    basic-auth:
      - username: username
        password: pass # Password in sha256
        groups: # Groups for the user
          - admin
          - topic-reader

字符串

相关问题