[
https://issues.apache.org/jira/browse/CAMEL-12596?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16529703#comment-16529703
]
Lizuca Mihaescu commented on CAMEL-12596:
-----------------------------------------
[~ancosen] I am not very familiar with Camel internals but I believe the Camel
parameters shall be verified so user does not enter garbage and the
configuration could be loaded. I do not believe that ActiveMQ shall be aware of
the valid parameters for Camel configuration. During such process Camel throws
a verification exception therefore ActiveMQ does not start.
So, during the Camel parameters verification process the SASL_PLAINTEXT is not
accepted as a parameter. This is easy to try with any Camel configurations you
might have. Just try to enter securityProtocol=SASL_PLAINTEXT and you will get
an error during the verification stage which takes place at ActiveMQ startup.
Let me know if you can try this suggested test.
If not, as right now I do not have access to my test setup but as soon as I get
access I will provide you with all my details.
> Camel-Kafka security protocol SASL_PLAINTEXT not supported
> ----------------------------------------------------------
>
> Key: CAMEL-12596
> URL: https://issues.apache.org/jira/browse/CAMEL-12596
> Project: Camel
> Issue Type: Improvement
> Components: camel-kafka
> Affects Versions: 2.21.1
> Environment: * ActiveMQ v5.15.4
> * Camel:2.21.1
> * Kafka Clients: 1.1.0
> * Server Version: Apache/2.4.6(CentOS)
> Reporter: Lizuca Mihaescu
> Priority: Major
>
> I need to route ActiveMQ messages to Kafka(Cloudera) through Camel using
> authentication protocol Kerberos.
>
> Kafka Security documentation states that it only supports *SASL_PLAINTEXT*
> and *SASL_SSL* for Kerberos:
> [https://www.cloudera.com/documentation/kafka/2-0-x/topics/kafka_security.html]
>
> | ** |*SSL*|*Kerberos*|
> |PLAINTEXT|No|No|
> |SSL|Yes|No|
> |SASL_PLAINTEXT|No|Yes|
> |SASL_SSL|Yes|Yes|
>
>
>
> On the other hand when I try to use *SASL_PLAINTEXT* for security protocol in
> Camel I am getting an error during the ActiveMQ starting. As a result
> ActiveMQ will not start.
>
> I took the latest Camel code from: [https://github.com/apache/camel.git] and
> it states that it only supports *SSL* and *PLAINTEXT* as security protocols
> values.
>
> | *securityProtocol* (security) | Protocol used to communicate with brokers.
> Currently only PLAINTEXT and SSL are supported. | PLAINTEXT | String
>
>
> I did find this solved issue: [https://access.redhat.com/solutions/3364871]
> but I did not find any evidence that this is working in the latest Camel
> version.
>
> My Camel setup fragment is:
> {code:java}
> <log message="Started The Producer Route" /><to
> uri="kafka://10.100.70.00:9092?topic=MyEvents.s1.v1&brokers=10.100.70.00:9092&requestTimeoutMs=305000&retries=3&keySerializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&saslMechanism=GSSAPI&serializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&securityProtocol=SASL_PLAINTEXT&saslKerberosServiceName=kafka"/>{code}
>
> I am using an external Jaas configuration file:
> {code:java}
> KafkaClient {
> com.sun.security.auth.module.Krb5LoginModule required
> useKeyTab=true
> storeKey=true
> keyTab="./user.keytab"
> useTicketCache=false
> serviceName="kafka"
> principal=" Group/[email protected]";
> };{code}
> Why Camel does not support *SASL_PLAINTEXT* *and* *SASL_SSL*?
>
> Please help me this is *VERY IMPORTANT* for the project I am working on and
> this issue is considered a blocker. I am also an experienced Java programmer
> and I am willing to contribute if necessary to the open source code for such
> implementation if the need may be.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
