GitHub user srenatus closed the discussion with a comment: Troubles testing using standalone cluster and authentication/authorization
I had indeed forgotten [this section of the docs](https://pulsar.apache.org/docs/3.2.x/security-jwt/#enable-jwt-authentication-on-brokersproxies). Adding these env vars, ```go tc_pulsar.WithPulsarEnv("brokerClientAuthenticationPlugin", "org.apache.pulsar.client.impl.auth.AuthenticationToken"), tc_pulsar.WithPulsarEnv("brokerClientAuthenticationParameters", fmt.Sprintf(`{"token": "%s"}`, testToken)) ``` the standalone service comes up flawlessly. The testcontainers-go waitstrategy had also to be updated -- it worked fine with this: ```go tc, err := tc_pulsar.RunContainer(ctx, append(cs, tc_pulsar.WithPulsarEnv("authenticationEnabled", "true"), tc_pulsar.WithPulsarEnv("authorizationEnabled", "true"), tc_pulsar.WithPulsarEnv("tokenSecretKey", testSecretKey), tc_pulsar.WithPulsarEnv("authenticationProviders", "org.apache.pulsar.broker.authentication.AuthenticationProviderToken"), tc_pulsar.WithPulsarEnv("brokerClientAuthenticationPlugin", "org.apache.pulsar.client.impl.auth.AuthenticationToken"), tc_pulsar.WithPulsarEnv("brokerClientAuthenticationParameters", fmt.Sprintf(`{"token": "%s"}`, testToken)), tc_pulsar.WithPulsarEnv("superUserRoles", "admin"), testcontainers.WithImage("docker.io/apachepulsar/pulsar:3.2.2"), testcontainers.WithWaitStrategy( wait.ForHTTP("/admin/v2/clusters"). WithHeaders(map[string]string{ "Authorization": "Bearer " + testToken, }). WithPort("8080/tcp"). WithStatusCodeMatcher(func(status int) bool { return status == 200 }). WithResponseMatcher(func(r io.Reader) bool { respBytes, _ := io.ReadAll(r) resp := string(respBytes) return resp == `["standalone"]` }), ), )...) if err != nil { t.Fatalf("could not start pulsar: %s", err) } ``` `testSecretKey` and `testToken` were generated like this: ```interactive $ bin/pulsar tokens create-secret-key -o secret.key $ bin/pulsar tokens create -sk file:///pulsar/secret.key -s admin eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhZG1pbiJ9.DanjiED-2Aw_K96f__VNoHTtr7CW0ENYaX3zT3CHtWc $ bin/pulsar tokens validate -sk file:///pulsar/secret.key eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhZG1pbiJ9.DanjiED-2Aw_K96f__VNoHTtr7CW0ENYaX3zT3CHtWc {sub=admin} $ base64 < secret.key EpaPAaTyeQBXW3Gvv3fCzR4OW/G7iserFq7U5G3H0rg= $ bin/pulsar tokens validate -sk "data:;base64,EpaPAaTyeQBXW3Gvv3fCzR4OW/G7iserFq7U5G3H0rg=" eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhZG1pbiJ9.DanjiED-2Aw_K96f__VNoHTtr7CW0ENYaX3zT3CHtWc {sub=admin ``` in a running apache/pulsar container. Thanks to @alpreu for helping be get unblocked 🙌 GitHub link: https://github.com/apache/pulsar/discussions/22718#discussioncomment-9454990 ---- This is an automatically sent email for [email protected]. To unsubscribe, please send an email to: [email protected]
