[
https://issues.apache.org/jira/browse/KAFKA-20584?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Kalyan Ram chowdary purimetla updated KAFKA-20584:
--------------------------------------------------
Description:
* We are testing the SASL oauth bearer for our requirements in the project
* We are facing some issues while trying to deploy with kafka 4.2 and are
facing some issues in accessing with the tokens
Server side properties are as follows
{code:java}
listeners=SASL_PLAINTEXT://:9092,CONTROLLER://:9093
advertised.listeners=SASL_PLAINTEXT://localhost:9092,CONTROLLER://localhost:9093
# Add this line to resolve the error
inter.broker.listener.name=SASL_PLAINTEXT
sasl.enabled.mechanisms=OAUTHBEARER
sasl.mechanism.inter.broker.protocol=OAUTHBEARER
listener.name.sasl_plaintext.oauthbearer.sasl.server.callback.handler.class=org.apache.kafka.common.security.oauthbearer.OAuthBearerValidatorCallbackHandler
listener.name.sasl_plaintext.oauthbearer.sasl.oauthbearer.jwks.endpoint.url=https://idcs-7d84fbd4d3f0434eb0f070fd3dd65fbf.identity.pint.oc9qadev.com:443/admin/v1/SigningCert/jwk
{code}
* Consumer side properties as follows
{code:java}
sasl.jaas.config:
org.apache.kafka.common.security.oauthbearer.OAuthBearerLoginModule required ;
security.protocol: SASL_PLAINTEXT sasl.mechanism: OAUTHBEARER
sasl.login.callback.handler.class:
org.apache.kafka.common.security.oauthbearer.OAuthBearerLoginCallbackHandler
sasl.oauthbearer.jwt.retriever.class:
org.apache.kafka.common.security.oauthbearer.ClientCredentialsJwtRetriever
sasl.oauthbearer.client.credentials.client.id: xxxxxxx
sasl.oauthbearer.client.credentials.client.secret: xxxxxxxxx
sasl.oauthbearer.scope: <scope> sasl.oauthbearer.token.endpoint.url:
<access_token_url>
{code}
* Error logs are in the attachements
was:
* We are testing the SASL oauth bearer for our requirements in the project
* We are facing some issues while trying to deploy with kafka 4.2 and are
facing some issues in accessing with the tokens
Server side properties are as follows
{code:java}
listeners=SASL_PLAINTEXT://:9092,CONTROLLER://:9093
advertised.listeners=SASL_PLAINTEXT://localhost:9092,CONTROLLER://localhost:9093
# Add this line to resolve the error
inter.broker.listener.name=SASL_PLAINTEXT
sasl.enabled.mechanisms=OAUTHBEARER
sasl.mechanism.inter.broker.protocol=OAUTHBEARER
listener.name.sasl_plaintext.oauthbearer.sasl.server.callback.handler.class=org.apache.kafka.common.security.oauthbearer.OAuthBearerValidatorCallbackHandler
listener.name.sasl_plaintext.oauthbearer.sasl.oauthbearer.jwks.endpoint.url=https://idcs-7d84fbd4d3f0434eb0f070fd3dd65fbf.identity.pint.oc9qadev.com:443/admin/v1/SigningCert/jwk
{code}
* Consumer side properties as follows
{code:java}
sasl.jaas.config:
org.apache.kafka.common.security.oauthbearer.OAuthBearerLoginModule required ;
security.protocol: SASL_PLAINTEXT sasl.mechanism: OAUTHBEARER
sasl.login.callback.handler.class:
org.apache.kafka.common.security.oauthbearer.OAuthBearerLoginCallbackHandler
sasl.oauthbearer.jwt.retriever.class:
org.apache.kafka.common.security.oauthbearer.ClientCredentialsJwtRetriever
sasl.oauthbearer.client.credentials.client.id: xxxxxxx
sasl.oauthbearer.client.credentials.client.secret: xxxxxxxxx
sasl.oauthbearer.scope: <scope> sasl.oauthbearer.token.endpoint.url:
<access_token_url>
{code}
> issue in SASL oauthbearer flow for kraft version in kafka 4.2
> -------------------------------------------------------------
>
> Key: KAFKA-20584
> URL: https://issues.apache.org/jira/browse/KAFKA-20584
> Project: Kafka
> Issue Type: Bug
> Environment: Linux
> Reporter: Kalyan Ram chowdary purimetla
> Priority: Major
> Attachments: error-logs.txt
>
>
> * We are testing the SASL oauth bearer for our requirements in the project
> * We are facing some issues while trying to deploy with kafka 4.2 and are
> facing some issues in accessing with the tokens
> Server side properties are as follows
> {code:java}
> listeners=SASL_PLAINTEXT://:9092,CONTROLLER://:9093
> advertised.listeners=SASL_PLAINTEXT://localhost:9092,CONTROLLER://localhost:9093
> # Add this line to resolve the error
> inter.broker.listener.name=SASL_PLAINTEXT
> sasl.enabled.mechanisms=OAUTHBEARER
> sasl.mechanism.inter.broker.protocol=OAUTHBEARER
> listener.name.sasl_plaintext.oauthbearer.sasl.server.callback.handler.class=org.apache.kafka.common.security.oauthbearer.OAuthBearerValidatorCallbackHandler
>
> listener.name.sasl_plaintext.oauthbearer.sasl.oauthbearer.jwks.endpoint.url=https://idcs-7d84fbd4d3f0434eb0f070fd3dd65fbf.identity.pint.oc9qadev.com:443/admin/v1/SigningCert/jwk
> {code}
> * Consumer side properties as follows
> {code:java}
> sasl.jaas.config:
> org.apache.kafka.common.security.oauthbearer.OAuthBearerLoginModule required
> ; security.protocol: SASL_PLAINTEXT sasl.mechanism: OAUTHBEARER
> sasl.login.callback.handler.class:
> org.apache.kafka.common.security.oauthbearer.OAuthBearerLoginCallbackHandler
> sasl.oauthbearer.jwt.retriever.class:
> org.apache.kafka.common.security.oauthbearer.ClientCredentialsJwtRetriever
> sasl.oauthbearer.client.credentials.client.id: xxxxxxx
> sasl.oauthbearer.client.credentials.client.secret: xxxxxxxxx
> sasl.oauthbearer.scope: <scope> sasl.oauthbearer.token.endpoint.url:
> <access_token_url>
> {code}
>
> * Error logs are in the attachements
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
