[jira] [Commented] (KAFKA-14369) Docs - KRAFT controller authentication example

Fri, 27 Oct 2023 15:17:32 -0700 


    [ 
https://issues.apache.org/jira/browse/KAFKA-14369?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17780549#comment-17780549
 ] 

Colin McCabe commented on KAFKA-14369:
--------------------------------------

Thanks [~dbove]. I agree that it would be helpful to have an example config 
file with non-PLAINTEXT auth. If you have one, please post it here.

> Docs - KRAFT controller authentication example
> ----------------------------------------------
>
>                 Key: KAFKA-14369
>                 URL: https://issues.apache.org/jira/browse/KAFKA-14369
>             Project: Kafka
>          Issue Type: Bug
>          Components: docs
>    Affects Versions: 3.3.1
>            Reporter: Domenic Bove
>            Priority: Minor
>              Labels: kraft
>
> The [Kafka Listener docs 
> |https://kafka.apache.org/documentation/#listener_configuration]mention how 
> to handle kafka protocols (other than PLAINTEXT) on the KRAFT controller 
> listener, but it is not a working example and I found that I was missing this 
> property: 
> {code:java}
> sasl.mechanism.controller.protocol {code}
> when attempting to do SASL_PLAINTEXT on the controller listener. I see that 
> property here: 
> [https://kafka.apache.org/documentation/#brokerconfigs_sasl.mechanism.controller.protocol]
> But nowhere else. 
> I wonder if a complete working example would be better. Here are my working 
> configs for sasl plain on the controller
> {code:java}
> process.roles=controller
> listeners=CONTROLLER://:9093 
> node.id=1
> controller.quorum.voters=1@localhost:9093
> controller.listener.names=CONTROLLER
> listener.security.protocol.map=CONTROLLER:SASL_PLAINTEXT
> listener.name.controller.plain.sasl.jaas.config=org.apache.kafka.common.security.plain.PlainLoginModule
>  required username="admin" password="admin-secret" user_admin="admin-secret" 
> user_alice="alice-secret";
> listener.name.controller.sasl.enabled.mechanisms=PLAIN
> listener.name.controller.sasl.mechanism=PLAIN
> sasl.enabled.mechanisms=PLAIN
> sasl.mechanism.controller.protocol=PLAIN{code}
> Or maybe just a callout of that property in the existing docs



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to