The default principal for Plaintext transport is "ANONYMOUS". On Sun, Dec 11, 2016 at 12:58 AM, BigData dev <bigdatadev...@gmail.com> wrote:
> Hi, > > bin/kafka-acls.sh --topic kafka-testtopic --add -allow-host 9.30.15.19 > --operation Write --authorizer-properties > zookeeper.connect=hostname.abc.com:2181 > > Below message I am getting. > You must specify one of: --allow-principal, --deny-principal when > trying to add ACLs. > > So, as kerberos is not enabled what will be the allow-principal value. > > Any information on this would be greatly helpful. > > > > Thanks > > On Sat, Dec 10, 2016 at 11:02 AM, BigData dev <bigdatadev...@gmail.com> > wrote: > > > Hi Ashish, Ismael > > Thanks for Info. > > So on Kafka Cluster (With out any security enabled) I can add ACLS with > IP > > address. > > Is that correct? > > > > > > Thanks, > > Bharat > > > > > > On Fri, Dec 9, 2016 at 11:14 AM, Ashish Singh <asi...@cloudera.com> > wrote: > > > >> Ismael, thanks for the correction. I assumed the question was targeted > for > >> without any security enabled, but yea even then IP based auth is > possible. > >> > >> On Fri, Dec 9, 2016 at 11:01 AM, Ismael Juma <ism...@juma.me.uk> wrote: > >> > >> > It is possible to use ACLs with IPs or other SASL mechanisms (PLAIN > for > >> > example). So Kerberos and SSL are not required (although commonly > used). > >> > > >> > Ismael > >> > > >> > On Fri, Dec 9, 2016 at 6:59 PM, Ashish Singh <asi...@cloudera.com> > >> wrote: > >> > > >> > > Hey, > >> > > > >> > > No it does not. Without kerberos or ssl, all requests will appear to > >> come > >> > > from anonymous user, and as long as a user is not identified it is > not > >> > > possible to do authorization on. > >> > > > >> > > On Fri, Dec 9, 2016 at 10:40 AM, BigData dev < > bigdatadev...@gmail.com > >> > > >> > > wrote: > >> > > > >> > > > Hi All, > >> > > > I have a question here, Does Kafka support ACL's with out > >> kerberos/SSL? > >> > > > > >> > > > Any info on this would be greatly helpful. > >> > > > > >> > > > > >> > > > Thanks > >> > > > > >> > > > >> > > > >> > > > >> > > -- > >> > > > >> > > Regards, > >> > > Ashish > >> > > > >> > > >> > >> > >> > >> -- > >> > >> Regards, > >> Ashish > >> > > > > >
