Menu
We are trying to make Kafka for public accessible.Does Kafka support SSL connection? Is there possible to authenticate client connection? Please share some idea's to implement..
963
Kafka uses SASL to perform authentication. It currently supports many mechanisms including PLAIN , SCRAM , OAUTH and GSSAPI and it allows administrator to plug custom implementations. Authentication can be enabled between brokers, between clients and brokers and between brokers and ZooKeeper.
Kafka supports cluster encryption and authentication, including a mix of authenticated and unauthenticated, and encrypted and non-encrypted clients. Using security is optional. Here a few relevant client-side security features: Encrypt data-in-transit between your applications and Kafka brokers.
Kafka uses the Java Authentication and Authorization Service (JAAS) for SASL configuration. You must provide JAAS configurations for all SASL authentication mechanisms. There are two ways to configure Kafka clients to provide the necessary information for JAAS: Specify the JAAS configuration using the sasl.
Security wasn't part of Apache Kafka's original goal. However it is planned to implement authentication and authorization in the future. You can have a look here: Apache Kafka Security.
119
SSL security is supported starting from 0.9.x, so it's possible to authenticate client's connection based on CN name in SSL certificate and ACL settings for the topic. https://cwiki.apache.org/confluence/display/KAFKA/Deploying+SSL+for+Kafka
26
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
