[jira] [Updated] (AMBARI-22485) Allow Ambari to support non-kerberos SASL mechanisms for Kafka

Tue, 21 Nov 2017 19:19:45 -0800 

     [ 
https://issues.apache.org/jira/browse/AMBARI-22485?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Yolanda M. Davis updated AMBARI-22485:
--------------------------------------
    Description: 
Currently AMBARI support's SASL and SSL as the security options for Kafka.
Within SASL Ambari only supports GSSAPI(kerberos) only. Kafka supports other 
mechanisms such as plain, md5 etc.. This allows users to plug in their LDAP 
system into Kafka.
Also another important option is SASL_SSL. 
We need to expose necessary configs in Ambari to enable these mechanisms for 
users.

Ambari should allow users to not only configure Kafka for non-kerberos based 
SASL mechanisms, but also ensure that jaas configuration files are written when 
these options are provided (as opposed to only writing those files when 
kerberos has been enabled)..

  was:
Currently AMBARI support's SASL and SSL as the security options for Kafka.
Within SASL Ambari only supports GSSAPI(kerberos) only. Kafka supports other 
mechanisms such as plain, md5 etc.. This allows users to plug in their LDAP 
system into Kafka.
Also another important option is SASL_SSL. 
We need to expose necessary configs in Ambari to enable these mechanisms for 
users.


> Allow Ambari to support non-kerberos SASL mechanisms for Kafka
> --------------------------------------------------------------
>
>                 Key: AMBARI-22485
>                 URL: https://issues.apache.org/jira/browse/AMBARI-22485
>             Project: Ambari
>          Issue Type: Bug
>          Components: stacks
>    Affects Versions: 2.6.0
>            Reporter: Yolanda M. Davis
>            Assignee: Yolanda M. Davis
>         Attachments: AMBARI-22485.patch, AMBARI-22485_branch-2.6.patch
>
>
> Currently AMBARI support's SASL and SSL as the security options for Kafka.
> Within SASL Ambari only supports GSSAPI(kerberos) only. Kafka supports other 
> mechanisms such as plain, md5 etc.. This allows users to plug in their LDAP 
> system into Kafka.
> Also another important option is SASL_SSL. 
> We need to expose necessary configs in Ambari to enable these mechanisms for 
> users.
> Ambari should allow users to not only configure Kafka for non-kerberos based 
> SASL mechanisms, but also ensure that jaas configuration files are written 
> when these options are provided (as opposed to only writing those files when 
> kerberos has been enabled)..



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Reply via email to