[jira] [Commented] (CAMEL-12596) Camel-Kafka security protocol SASL_PLAINTEXT not supported
[ https://issues.apache.org/jira/browse/CAMEL-12596?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16531074#comment-16531074 ] Lizuca Mihaescu commented on CAMEL-12596: - Thank you both :). I am going to check the Red Hat to find someone. In the mean time I will try simpler setups, step by step as suggested. It is true I've tried to achieve to much :( Please keep this issue for further investigation. > Camel-Kafka security protocol SASL_PLAINTEXT not supported > -- > > Key: CAMEL-12596 > URL: https://issues.apache.org/jira/browse/CAMEL-12596 > Project: Camel > Issue Type: Improvement > Components: camel-kafka >Affects Versions: 2.21.1 > Environment: * ActiveMQ v5.15.4 > * Camel:2.21.1 > * Kafka Clients: 1.1.0 > * Server Version: Apache/2.4.6(CentOS) >Reporter: Lizuca Mihaescu >Priority: Major > Attachments: camel.xml, camel.xml > > > I need to route ActiveMQ messages to Kafka(Cloudera) through Camel using > authentication protocol Kerberos. > > Kafka Security documentation states that it only supports *SASL_PLAINTEXT* > and *SASL_SSL* for Kerberos: > [https://www.cloudera.com/documentation/kafka/2-0-x/topics/kafka_security.html] > > | ** |*SSL*|*Kerberos*| > |PLAINTEXT|No|No| > |SSL|Yes|No| > |SASL_PLAINTEXT|No|Yes| > |SASL_SSL|Yes|Yes| > > > > On the other hand when I try to use *SASL_PLAINTEXT* for security protocol in > Camel I am getting an error during the ActiveMQ starting. As a result > ActiveMQ will not start. > > I took the latest Camel code from: [https://github.com/apache/camel.git] and > it states that it only supports *SSL* and *PLAINTEXT* as security protocols > values. > > | *securityProtocol* (security) | Protocol used to communicate with brokers. > Currently only PLAINTEXT and SSL are supported. | PLAINTEXT | String > > > I did find this solved issue: [https://access.redhat.com/solutions/3364871] > but I did not find any evidence that this is working in the latest Camel > version. > > My Camel setup fragment is: > {code:java} > uri="kafka://10.100.70.00:9092?topic=MyEvents.s1.v1&brokers=10.100.70.00:9092&requestTimeoutMs=305000&retries=3&keySerializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&saslMechanism=GSSAPI&serializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&securityProtocol=SASL_PLAINTEXT&saslKerberosServiceName=kafka"/>{code} > > I am using an external Jaas configuration file: > {code:java} > KafkaClient { > com.sun.security.auth.module.Krb5LoginModule required > useKeyTab=true > storeKey=true > keyTab="./user.keytab" > useTicketCache=false > serviceName="kafka" > principal=" Group/u...@domain.lan"; > };{code} > Why Camel does not support *SASL_PLAINTEXT* *and* *SASL_SSL*? > > Please help me this is *VERY IMPORTANT* for the project I am working on and > this issue is considered a blocker. I am also an experienced Java programmer > and I am willing to contribute if necessary to the open source code for such > implementation if the need may be. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CAMEL-12596) Camel-Kafka security protocol SASL_PLAINTEXT not supported
[ https://issues.apache.org/jira/browse/CAMEL-12596?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16531045#comment-16531045 ] Andrea Cosentino commented on CAMEL-12596: -- You have some choice here http://camel.apache.org/commercial-camel-offerings.html > Camel-Kafka security protocol SASL_PLAINTEXT not supported > -- > > Key: CAMEL-12596 > URL: https://issues.apache.org/jira/browse/CAMEL-12596 > Project: Camel > Issue Type: Improvement > Components: camel-kafka >Affects Versions: 2.21.1 > Environment: * ActiveMQ v5.15.4 > * Camel:2.21.1 > * Kafka Clients: 1.1.0 > * Server Version: Apache/2.4.6(CentOS) >Reporter: Lizuca Mihaescu >Priority: Major > Attachments: camel.xml, camel.xml > > > I need to route ActiveMQ messages to Kafka(Cloudera) through Camel using > authentication protocol Kerberos. > > Kafka Security documentation states that it only supports *SASL_PLAINTEXT* > and *SASL_SSL* for Kerberos: > [https://www.cloudera.com/documentation/kafka/2-0-x/topics/kafka_security.html] > > | ** |*SSL*|*Kerberos*| > |PLAINTEXT|No|No| > |SSL|Yes|No| > |SASL_PLAINTEXT|No|Yes| > |SASL_SSL|Yes|Yes| > > > > On the other hand when I try to use *SASL_PLAINTEXT* for security protocol in > Camel I am getting an error during the ActiveMQ starting. As a result > ActiveMQ will not start. > > I took the latest Camel code from: [https://github.com/apache/camel.git] and > it states that it only supports *SSL* and *PLAINTEXT* as security protocols > values. > > | *securityProtocol* (security) | Protocol used to communicate with brokers. > Currently only PLAINTEXT and SSL are supported. | PLAINTEXT | String > > > I did find this solved issue: [https://access.redhat.com/solutions/3364871] > but I did not find any evidence that this is working in the latest Camel > version. > > My Camel setup fragment is: > {code:java} > uri="kafka://10.100.70.00:9092?topic=MyEvents.s1.v1&brokers=10.100.70.00:9092&requestTimeoutMs=305000&retries=3&keySerializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&saslMechanism=GSSAPI&serializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&securityProtocol=SASL_PLAINTEXT&saslKerberosServiceName=kafka"/>{code} > > I am using an external Jaas configuration file: > {code:java} > KafkaClient { > com.sun.security.auth.module.Krb5LoginModule required > useKeyTab=true > storeKey=true > keyTab="./user.keytab" > useTicketCache=false > serviceName="kafka" > principal=" Group/u...@domain.lan"; > };{code} > Why Camel does not support *SASL_PLAINTEXT* *and* *SASL_SSL*? > > Please help me this is *VERY IMPORTANT* for the project I am working on and > this issue is considered a blocker. I am also an experienced Java programmer > and I am willing to contribute if necessary to the open source code for such > implementation if the need may be. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CAMEL-12596) Camel-Kafka security protocol SASL_PLAINTEXT not supported
[ https://issues.apache.org/jira/browse/CAMEL-12596?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16531041#comment-16531041 ] Dmitry Volodin commented on CAMEL-12596: [~macuzil] you are welcome to contact Red Hat office depends of the country of your location (or nearest country/region) https://www.redhat.com/en/about/office-locations > Camel-Kafka security protocol SASL_PLAINTEXT not supported > -- > > Key: CAMEL-12596 > URL: https://issues.apache.org/jira/browse/CAMEL-12596 > Project: Camel > Issue Type: Improvement > Components: camel-kafka >Affects Versions: 2.21.1 > Environment: * ActiveMQ v5.15.4 > * Camel:2.21.1 > * Kafka Clients: 1.1.0 > * Server Version: Apache/2.4.6(CentOS) >Reporter: Lizuca Mihaescu >Priority: Major > Attachments: camel.xml, camel.xml > > > I need to route ActiveMQ messages to Kafka(Cloudera) through Camel using > authentication protocol Kerberos. > > Kafka Security documentation states that it only supports *SASL_PLAINTEXT* > and *SASL_SSL* for Kerberos: > [https://www.cloudera.com/documentation/kafka/2-0-x/topics/kafka_security.html] > > | ** |*SSL*|*Kerberos*| > |PLAINTEXT|No|No| > |SSL|Yes|No| > |SASL_PLAINTEXT|No|Yes| > |SASL_SSL|Yes|Yes| > > > > On the other hand when I try to use *SASL_PLAINTEXT* for security protocol in > Camel I am getting an error during the ActiveMQ starting. As a result > ActiveMQ will not start. > > I took the latest Camel code from: [https://github.com/apache/camel.git] and > it states that it only supports *SSL* and *PLAINTEXT* as security protocols > values. > > | *securityProtocol* (security) | Protocol used to communicate with brokers. > Currently only PLAINTEXT and SSL are supported. | PLAINTEXT | String > > > I did find this solved issue: [https://access.redhat.com/solutions/3364871] > but I did not find any evidence that this is working in the latest Camel > version. > > My Camel setup fragment is: > {code:java} > uri="kafka://10.100.70.00:9092?topic=MyEvents.s1.v1&brokers=10.100.70.00:9092&requestTimeoutMs=305000&retries=3&keySerializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&saslMechanism=GSSAPI&serializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&securityProtocol=SASL_PLAINTEXT&saslKerberosServiceName=kafka"/>{code} > > I am using an external Jaas configuration file: > {code:java} > KafkaClient { > com.sun.security.auth.module.Krb5LoginModule required > useKeyTab=true > storeKey=true > keyTab="./user.keytab" > useTicketCache=false > serviceName="kafka" > principal=" Group/u...@domain.lan"; > };{code} > Why Camel does not support *SASL_PLAINTEXT* *and* *SASL_SSL*? > > Please help me this is *VERY IMPORTANT* for the project I am working on and > this issue is considered a blocker. I am also an experienced Java programmer > and I am willing to contribute if necessary to the open source code for such > implementation if the need may be. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CAMEL-12596) Camel-Kafka security protocol SASL_PLAINTEXT not supported
[ https://issues.apache.org/jira/browse/CAMEL-12596?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16531029#comment-16531029 ] Lizuca Mihaescu commented on CAMEL-12596: - [~ancosen] [~dmvolod] can you recommend a consultant who can help with this problem? > Camel-Kafka security protocol SASL_PLAINTEXT not supported > -- > > Key: CAMEL-12596 > URL: https://issues.apache.org/jira/browse/CAMEL-12596 > Project: Camel > Issue Type: Improvement > Components: camel-kafka >Affects Versions: 2.21.1 > Environment: * ActiveMQ v5.15.4 > * Camel:2.21.1 > * Kafka Clients: 1.1.0 > * Server Version: Apache/2.4.6(CentOS) >Reporter: Lizuca Mihaescu >Priority: Major > Attachments: camel.xml, camel.xml > > > I need to route ActiveMQ messages to Kafka(Cloudera) through Camel using > authentication protocol Kerberos. > > Kafka Security documentation states that it only supports *SASL_PLAINTEXT* > and *SASL_SSL* for Kerberos: > [https://www.cloudera.com/documentation/kafka/2-0-x/topics/kafka_security.html] > > | ** |*SSL*|*Kerberos*| > |PLAINTEXT|No|No| > |SSL|Yes|No| > |SASL_PLAINTEXT|No|Yes| > |SASL_SSL|Yes|Yes| > > > > On the other hand when I try to use *SASL_PLAINTEXT* for security protocol in > Camel I am getting an error during the ActiveMQ starting. As a result > ActiveMQ will not start. > > I took the latest Camel code from: [https://github.com/apache/camel.git] and > it states that it only supports *SSL* and *PLAINTEXT* as security protocols > values. > > | *securityProtocol* (security) | Protocol used to communicate with brokers. > Currently only PLAINTEXT and SSL are supported. | PLAINTEXT | String > > > I did find this solved issue: [https://access.redhat.com/solutions/3364871] > but I did not find any evidence that this is working in the latest Camel > version. > > My Camel setup fragment is: > {code:java} > uri="kafka://10.100.70.00:9092?topic=MyEvents.s1.v1&brokers=10.100.70.00:9092&requestTimeoutMs=305000&retries=3&keySerializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&saslMechanism=GSSAPI&serializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&securityProtocol=SASL_PLAINTEXT&saslKerberosServiceName=kafka"/>{code} > > I am using an external Jaas configuration file: > {code:java} > KafkaClient { > com.sun.security.auth.module.Krb5LoginModule required > useKeyTab=true > storeKey=true > keyTab="./user.keytab" > useTicketCache=false > serviceName="kafka" > principal=" Group/u...@domain.lan"; > };{code} > Why Camel does not support *SASL_PLAINTEXT* *and* *SASL_SSL*? > > Please help me this is *VERY IMPORTANT* for the project I am working on and > this issue is considered a blocker. I am also an experienced Java programmer > and I am willing to contribute if necessary to the open source code for such > implementation if the need may be. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CAMEL-12596) Camel-Kafka security protocol SASL_PLAINTEXT not supported
[ https://issues.apache.org/jira/browse/CAMEL-12596?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16531025#comment-16531025 ] Dmitry Volodin commented on CAMEL-12596: [~macuzil] at the first step of reproducing, you don't need to recreate whole env with AD, real users and sending messages. You just need to define why it's not bootstrapping with ActiveMQ and, next got Kerberos exception after sending a message. > Camel-Kafka security protocol SASL_PLAINTEXT not supported > -- > > Key: CAMEL-12596 > URL: https://issues.apache.org/jira/browse/CAMEL-12596 > Project: Camel > Issue Type: Improvement > Components: camel-kafka >Affects Versions: 2.21.1 > Environment: * ActiveMQ v5.15.4 > * Camel:2.21.1 > * Kafka Clients: 1.1.0 > * Server Version: Apache/2.4.6(CentOS) >Reporter: Lizuca Mihaescu >Priority: Major > Attachments: camel.xml, camel.xml > > > I need to route ActiveMQ messages to Kafka(Cloudera) through Camel using > authentication protocol Kerberos. > > Kafka Security documentation states that it only supports *SASL_PLAINTEXT* > and *SASL_SSL* for Kerberos: > [https://www.cloudera.com/documentation/kafka/2-0-x/topics/kafka_security.html] > > | ** |*SSL*|*Kerberos*| > |PLAINTEXT|No|No| > |SSL|Yes|No| > |SASL_PLAINTEXT|No|Yes| > |SASL_SSL|Yes|Yes| > > > > On the other hand when I try to use *SASL_PLAINTEXT* for security protocol in > Camel I am getting an error during the ActiveMQ starting. As a result > ActiveMQ will not start. > > I took the latest Camel code from: [https://github.com/apache/camel.git] and > it states that it only supports *SSL* and *PLAINTEXT* as security protocols > values. > > | *securityProtocol* (security) | Protocol used to communicate with brokers. > Currently only PLAINTEXT and SSL are supported. | PLAINTEXT | String > > > I did find this solved issue: [https://access.redhat.com/solutions/3364871] > but I did not find any evidence that this is working in the latest Camel > version. > > My Camel setup fragment is: > {code:java} > uri="kafka://10.100.70.00:9092?topic=MyEvents.s1.v1&brokers=10.100.70.00:9092&requestTimeoutMs=305000&retries=3&keySerializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&saslMechanism=GSSAPI&serializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&securityProtocol=SASL_PLAINTEXT&saslKerberosServiceName=kafka"/>{code} > > I am using an external Jaas configuration file: > {code:java} > KafkaClient { > com.sun.security.auth.module.Krb5LoginModule required > useKeyTab=true > storeKey=true > keyTab="./user.keytab" > useTicketCache=false > serviceName="kafka" > principal=" Group/u...@domain.lan"; > };{code} > Why Camel does not support *SASL_PLAINTEXT* *and* *SASL_SSL*? > > Please help me this is *VERY IMPORTANT* for the project I am working on and > this issue is considered a blocker. I am also an experienced Java programmer > and I am willing to contribute if necessary to the open source code for such > implementation if the need may be. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CAMEL-12596) Camel-Kafka security protocol SASL_PLAINTEXT not supported
[ https://issues.apache.org/jira/browse/CAMEL-12596?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16531008#comment-16531008 ] Andrea Cosentino commented on CAMEL-12596: -- I agree with [~dmvolod] > Camel-Kafka security protocol SASL_PLAINTEXT not supported > -- > > Key: CAMEL-12596 > URL: https://issues.apache.org/jira/browse/CAMEL-12596 > Project: Camel > Issue Type: Improvement > Components: camel-kafka >Affects Versions: 2.21.1 > Environment: * ActiveMQ v5.15.4 > * Camel:2.21.1 > * Kafka Clients: 1.1.0 > * Server Version: Apache/2.4.6(CentOS) >Reporter: Lizuca Mihaescu >Priority: Major > Attachments: camel.xml, camel.xml > > > I need to route ActiveMQ messages to Kafka(Cloudera) through Camel using > authentication protocol Kerberos. > > Kafka Security documentation states that it only supports *SASL_PLAINTEXT* > and *SASL_SSL* for Kerberos: > [https://www.cloudera.com/documentation/kafka/2-0-x/topics/kafka_security.html] > > | ** |*SSL*|*Kerberos*| > |PLAINTEXT|No|No| > |SSL|Yes|No| > |SASL_PLAINTEXT|No|Yes| > |SASL_SSL|Yes|Yes| > > > > On the other hand when I try to use *SASL_PLAINTEXT* for security protocol in > Camel I am getting an error during the ActiveMQ starting. As a result > ActiveMQ will not start. > > I took the latest Camel code from: [https://github.com/apache/camel.git] and > it states that it only supports *SSL* and *PLAINTEXT* as security protocols > values. > > | *securityProtocol* (security) | Protocol used to communicate with brokers. > Currently only PLAINTEXT and SSL are supported. | PLAINTEXT | String > > > I did find this solved issue: [https://access.redhat.com/solutions/3364871] > but I did not find any evidence that this is working in the latest Camel > version. > > My Camel setup fragment is: > {code:java} > uri="kafka://10.100.70.00:9092?topic=MyEvents.s1.v1&brokers=10.100.70.00:9092&requestTimeoutMs=305000&retries=3&keySerializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&saslMechanism=GSSAPI&serializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&securityProtocol=SASL_PLAINTEXT&saslKerberosServiceName=kafka"/>{code} > > I am using an external Jaas configuration file: > {code:java} > KafkaClient { > com.sun.security.auth.module.Krb5LoginModule required > useKeyTab=true > storeKey=true > keyTab="./user.keytab" > useTicketCache=false > serviceName="kafka" > principal=" Group/u...@domain.lan"; > };{code} > Why Camel does not support *SASL_PLAINTEXT* *and* *SASL_SSL*? > > Please help me this is *VERY IMPORTANT* for the project I am working on and > this issue is considered a blocker. I am also an experienced Java programmer > and I am willing to contribute if necessary to the open source code for such > implementation if the need may be. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CAMEL-12596) Camel-Kafka security protocol SASL_PLAINTEXT not supported
[ https://issues.apache.org/jira/browse/CAMEL-12596?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16531005#comment-16531005 ] Andrea Cosentino commented on CAMEL-12596: -- No, I don't. The environment is too complex, you need to create a minimized reproducer, so we can try it and see what happens. Also remember that Camel 2.21.1 is based on Kafka-clients 1.0.0 and not 1.1.0 > Camel-Kafka security protocol SASL_PLAINTEXT not supported > -- > > Key: CAMEL-12596 > URL: https://issues.apache.org/jira/browse/CAMEL-12596 > Project: Camel > Issue Type: Improvement > Components: camel-kafka >Affects Versions: 2.21.1 > Environment: * ActiveMQ v5.15.4 > * Camel:2.21.1 > * Kafka Clients: 1.1.0 > * Server Version: Apache/2.4.6(CentOS) >Reporter: Lizuca Mihaescu >Priority: Major > Attachments: camel.xml, camel.xml > > > I need to route ActiveMQ messages to Kafka(Cloudera) through Camel using > authentication protocol Kerberos. > > Kafka Security documentation states that it only supports *SASL_PLAINTEXT* > and *SASL_SSL* for Kerberos: > [https://www.cloudera.com/documentation/kafka/2-0-x/topics/kafka_security.html] > > | ** |*SSL*|*Kerberos*| > |PLAINTEXT|No|No| > |SSL|Yes|No| > |SASL_PLAINTEXT|No|Yes| > |SASL_SSL|Yes|Yes| > > > > On the other hand when I try to use *SASL_PLAINTEXT* for security protocol in > Camel I am getting an error during the ActiveMQ starting. As a result > ActiveMQ will not start. > > I took the latest Camel code from: [https://github.com/apache/camel.git] and > it states that it only supports *SSL* and *PLAINTEXT* as security protocols > values. > > | *securityProtocol* (security) | Protocol used to communicate with brokers. > Currently only PLAINTEXT and SSL are supported. | PLAINTEXT | String > > > I did find this solved issue: [https://access.redhat.com/solutions/3364871] > but I did not find any evidence that this is working in the latest Camel > version. > > My Camel setup fragment is: > {code:java} > uri="kafka://10.100.70.00:9092?topic=MyEvents.s1.v1&brokers=10.100.70.00:9092&requestTimeoutMs=305000&retries=3&keySerializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&saslMechanism=GSSAPI&serializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&securityProtocol=SASL_PLAINTEXT&saslKerberosServiceName=kafka"/>{code} > > I am using an external Jaas configuration file: > {code:java} > KafkaClient { > com.sun.security.auth.module.Krb5LoginModule required > useKeyTab=true > storeKey=true > keyTab="./user.keytab" > useTicketCache=false > serviceName="kafka" > principal=" Group/u...@domain.lan"; > };{code} > Why Camel does not support *SASL_PLAINTEXT* *and* *SASL_SSL*? > > Please help me this is *VERY IMPORTANT* for the project I am working on and > this issue is considered a blocker. I am also an experienced Java programmer > and I am willing to contribute if necessary to the open source code for such > implementation if the need may be. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CAMEL-12596) Camel-Kafka security protocol SASL_PLAINTEXT not supported
[ https://issues.apache.org/jira/browse/CAMEL-12596?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16530996#comment-16530996 ] Lizuca Mihaescu commented on CAMEL-12596: - [~ancosen] The entire setup is complex and in a production environment :( therefore I cannot give you access. I can try to describe here the setup in hope you can might be able to give me some advice. Please do not close this issue. I will try to investigate on my own what is going on and try to create a smaller environment. Additional libraries: camel-core-2.21.1.jar camel-jms-2.21.1.jar camel-kafka-2.21.1.jar camel-spring-2.21.1.jar kafka-clients-1.1.0.jar Using Active Directory with user@DOMAIN Camel file: [^camel.xml] Verified KeyTab file for user@DOMAIN The main problem is that although the logging is set to DEBUG I cannot see any ERROR or WARN into the logs but just that the ActiveMQ shuts down after Kafka parameter setup. Some other peculiarity is that as soon as I only change SASL_PLAINTEXT to PLAINTEXT ActiveMQ starts up just fine. So, it would be fine if I can get some sort of ERROR or WARN to tell me it is something wrong with my Camel setup. I believe this you can see on your side, I mean the missed error handling. Do you have any integration testing for Camel Kafka Kerberos on your side? > Camel-Kafka security protocol SASL_PLAINTEXT not supported > -- > > Key: CAMEL-12596 > URL: https://issues.apache.org/jira/browse/CAMEL-12596 > Project: Camel > Issue Type: Improvement > Components: camel-kafka >Affects Versions: 2.21.1 > Environment: * ActiveMQ v5.15.4 > * Camel:2.21.1 > * Kafka Clients: 1.1.0 > * Server Version: Apache/2.4.6(CentOS) >Reporter: Lizuca Mihaescu >Priority: Major > Attachments: camel.xml, camel.xml > > > I need to route ActiveMQ messages to Kafka(Cloudera) through Camel using > authentication protocol Kerberos. > > Kafka Security documentation states that it only supports *SASL_PLAINTEXT* > and *SASL_SSL* for Kerberos: > [https://www.cloudera.com/documentation/kafka/2-0-x/topics/kafka_security.html] > > | ** |*SSL*|*Kerberos*| > |PLAINTEXT|No|No| > |SSL|Yes|No| > |SASL_PLAINTEXT|No|Yes| > |SASL_SSL|Yes|Yes| > > > > On the other hand when I try to use *SASL_PLAINTEXT* for security protocol in > Camel I am getting an error during the ActiveMQ starting. As a result > ActiveMQ will not start. > > I took the latest Camel code from: [https://github.com/apache/camel.git] and > it states that it only supports *SSL* and *PLAINTEXT* as security protocols > values. > > | *securityProtocol* (security) | Protocol used to communicate with brokers. > Currently only PLAINTEXT and SSL are supported. | PLAINTEXT | String > > > I did find this solved issue: [https://access.redhat.com/solutions/3364871] > but I did not find any evidence that this is working in the latest Camel > version. > > My Camel setup fragment is: > {code:java} > uri="kafka://10.100.70.00:9092?topic=MyEvents.s1.v1&brokers=10.100.70.00:9092&requestTimeoutMs=305000&retries=3&keySerializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&saslMechanism=GSSAPI&serializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&securityProtocol=SASL_PLAINTEXT&saslKerberosServiceName=kafka"/>{code} > > I am using an external Jaas configuration file: > {code:java} > KafkaClient { > com.sun.security.auth.module.Krb5LoginModule required > useKeyTab=true > storeKey=true > keyTab="./user.keytab" > useTicketCache=false > serviceName="kafka" > principal=" Group/u...@domain.lan"; > };{code} > Why Camel does not support *SASL_PLAINTEXT* *and* *SASL_SSL*? > > Please help me this is *VERY IMPORTANT* for the project I am working on and > this issue is considered a blocker. I am also an experienced Java programmer > and I am willing to contribute if necessary to the open source code for such > implementation if the need may be. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CAMEL-12596) Camel-Kafka security protocol SASL_PLAINTEXT not supported
[ https://issues.apache.org/jira/browse/CAMEL-12596?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16530973#comment-16530973 ] Dmitry Volodin commented on CAMEL-12596: [~macuzil] could you create a much more simple reproducer based on the latest camel release, embedded ActiveMQ broker and plain Kafka (without Cloudera setup) and publish it to github to investigate this problem? As Andrea said above, it's very dangerous to start high important project without product enterprise (with guarantied SLA) support. > Camel-Kafka security protocol SASL_PLAINTEXT not supported > -- > > Key: CAMEL-12596 > URL: https://issues.apache.org/jira/browse/CAMEL-12596 > Project: Camel > Issue Type: Improvement > Components: camel-kafka >Affects Versions: 2.21.1 > Environment: * ActiveMQ v5.15.4 > * Camel:2.21.1 > * Kafka Clients: 1.1.0 > * Server Version: Apache/2.4.6(CentOS) >Reporter: Lizuca Mihaescu >Priority: Major > Attachments: camel.xml, camel.xml > > > I need to route ActiveMQ messages to Kafka(Cloudera) through Camel using > authentication protocol Kerberos. > > Kafka Security documentation states that it only supports *SASL_PLAINTEXT* > and *SASL_SSL* for Kerberos: > [https://www.cloudera.com/documentation/kafka/2-0-x/topics/kafka_security.html] > > | ** |*SSL*|*Kerberos*| > |PLAINTEXT|No|No| > |SSL|Yes|No| > |SASL_PLAINTEXT|No|Yes| > |SASL_SSL|Yes|Yes| > > > > On the other hand when I try to use *SASL_PLAINTEXT* for security protocol in > Camel I am getting an error during the ActiveMQ starting. As a result > ActiveMQ will not start. > > I took the latest Camel code from: [https://github.com/apache/camel.git] and > it states that it only supports *SSL* and *PLAINTEXT* as security protocols > values. > > | *securityProtocol* (security) | Protocol used to communicate with brokers. > Currently only PLAINTEXT and SSL are supported. | PLAINTEXT | String > > > I did find this solved issue: [https://access.redhat.com/solutions/3364871] > but I did not find any evidence that this is working in the latest Camel > version. > > My Camel setup fragment is: > {code:java} > uri="kafka://10.100.70.00:9092?topic=MyEvents.s1.v1&brokers=10.100.70.00:9092&requestTimeoutMs=305000&retries=3&keySerializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&saslMechanism=GSSAPI&serializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&securityProtocol=SASL_PLAINTEXT&saslKerberosServiceName=kafka"/>{code} > > I am using an external Jaas configuration file: > {code:java} > KafkaClient { > com.sun.security.auth.module.Krb5LoginModule required > useKeyTab=true > storeKey=true > keyTab="./user.keytab" > useTicketCache=false > serviceName="kafka" > principal=" Group/u...@domain.lan"; > };{code} > Why Camel does not support *SASL_PLAINTEXT* *and* *SASL_SSL*? > > Please help me this is *VERY IMPORTANT* for the project I am working on and > this issue is considered a blocker. I am also an experienced Java programmer > and I am willing to contribute if necessary to the open source code for such > implementation if the need may be. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CAMEL-12596) Camel-Kafka security protocol SASL_PLAINTEXT not supported
[ https://issues.apache.org/jira/browse/CAMEL-12596?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16530236#comment-16530236 ] Andrea Cosentino commented on CAMEL-12596: -- Please send the entire setup if you can > Camel-Kafka security protocol SASL_PLAINTEXT not supported > -- > > Key: CAMEL-12596 > URL: https://issues.apache.org/jira/browse/CAMEL-12596 > Project: Camel > Issue Type: Improvement > Components: camel-kafka >Affects Versions: 2.21.1 > Environment: * ActiveMQ v5.15.4 > * Camel:2.21.1 > * Kafka Clients: 1.1.0 > * Server Version: Apache/2.4.6(CentOS) >Reporter: Lizuca Mihaescu >Priority: Major > > I need to route ActiveMQ messages to Kafka(Cloudera) through Camel using > authentication protocol Kerberos. > > Kafka Security documentation states that it only supports *SASL_PLAINTEXT* > and *SASL_SSL* for Kerberos: > [https://www.cloudera.com/documentation/kafka/2-0-x/topics/kafka_security.html] > > | ** |*SSL*|*Kerberos*| > |PLAINTEXT|No|No| > |SSL|Yes|No| > |SASL_PLAINTEXT|No|Yes| > |SASL_SSL|Yes|Yes| > > > > On the other hand when I try to use *SASL_PLAINTEXT* for security protocol in > Camel I am getting an error during the ActiveMQ starting. As a result > ActiveMQ will not start. > > I took the latest Camel code from: [https://github.com/apache/camel.git] and > it states that it only supports *SSL* and *PLAINTEXT* as security protocols > values. > > | *securityProtocol* (security) | Protocol used to communicate with brokers. > Currently only PLAINTEXT and SSL are supported. | PLAINTEXT | String > > > I did find this solved issue: [https://access.redhat.com/solutions/3364871] > but I did not find any evidence that this is working in the latest Camel > version. > > My Camel setup fragment is: > {code:java} > uri="kafka://10.100.70.00:9092?topic=MyEvents.s1.v1&brokers=10.100.70.00:9092&requestTimeoutMs=305000&retries=3&keySerializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&saslMechanism=GSSAPI&serializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&securityProtocol=SASL_PLAINTEXT&saslKerberosServiceName=kafka"/>{code} > > I am using an external Jaas configuration file: > {code:java} > KafkaClient { > com.sun.security.auth.module.Krb5LoginModule required > useKeyTab=true > storeKey=true > keyTab="./user.keytab" > useTicketCache=false > serviceName="kafka" > principal=" Group/u...@domain.lan"; > };{code} > Why Camel does not support *SASL_PLAINTEXT* *and* *SASL_SSL*? > > Please help me this is *VERY IMPORTANT* for the project I am working on and > this issue is considered a blocker. I am also an experienced Java programmer > and I am willing to contribute if necessary to the open source code for such > implementation if the need may be. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CAMEL-12596) Camel-Kafka security protocol SASL_PLAINTEXT not supported
[ https://issues.apache.org/jira/browse/CAMEL-12596?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16530213#comment-16530213 ] Lizuca Mihaescu commented on CAMEL-12596: - Thank you [~ancosen] I understand now a bit more :). Now the fact that I am not getting any error into the log and ActiveMQ shuts down unexpectedly does not help me investigate what is going on :(. I know it must be something wrong with parameters that I pass (most likely Kerberos related) but I have no clue what. Can you please check and point out what might be wrong? If you need more information from me I can send you my entire setup. > Camel-Kafka security protocol SASL_PLAINTEXT not supported > -- > > Key: CAMEL-12596 > URL: https://issues.apache.org/jira/browse/CAMEL-12596 > Project: Camel > Issue Type: Improvement > Components: camel-kafka >Affects Versions: 2.21.1 > Environment: * ActiveMQ v5.15.4 > * Camel:2.21.1 > * Kafka Clients: 1.1.0 > * Server Version: Apache/2.4.6(CentOS) >Reporter: Lizuca Mihaescu >Priority: Major > > I need to route ActiveMQ messages to Kafka(Cloudera) through Camel using > authentication protocol Kerberos. > > Kafka Security documentation states that it only supports *SASL_PLAINTEXT* > and *SASL_SSL* for Kerberos: > [https://www.cloudera.com/documentation/kafka/2-0-x/topics/kafka_security.html] > > | ** |*SSL*|*Kerberos*| > |PLAINTEXT|No|No| > |SSL|Yes|No| > |SASL_PLAINTEXT|No|Yes| > |SASL_SSL|Yes|Yes| > > > > On the other hand when I try to use *SASL_PLAINTEXT* for security protocol in > Camel I am getting an error during the ActiveMQ starting. As a result > ActiveMQ will not start. > > I took the latest Camel code from: [https://github.com/apache/camel.git] and > it states that it only supports *SSL* and *PLAINTEXT* as security protocols > values. > > | *securityProtocol* (security) | Protocol used to communicate with brokers. > Currently only PLAINTEXT and SSL are supported. | PLAINTEXT | String > > > I did find this solved issue: [https://access.redhat.com/solutions/3364871] > but I did not find any evidence that this is working in the latest Camel > version. > > My Camel setup fragment is: > {code:java} > uri="kafka://10.100.70.00:9092?topic=MyEvents.s1.v1&brokers=10.100.70.00:9092&requestTimeoutMs=305000&retries=3&keySerializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&saslMechanism=GSSAPI&serializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&securityProtocol=SASL_PLAINTEXT&saslKerberosServiceName=kafka"/>{code} > > I am using an external Jaas configuration file: > {code:java} > KafkaClient { > com.sun.security.auth.module.Krb5LoginModule required > useKeyTab=true > storeKey=true > keyTab="./user.keytab" > useTicketCache=false > serviceName="kafka" > principal=" Group/u...@domain.lan"; > };{code} > Why Camel does not support *SASL_PLAINTEXT* *and* *SASL_SSL*? > > Please help me this is *VERY IMPORTANT* for the project I am working on and > this issue is considered a blocker. I am also an experienced Java programmer > and I am willing to contribute if necessary to the open source code for such > implementation if the need may be. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CAMEL-12596) Camel-Kafka security protocol SASL_PLAINTEXT not supported
[ https://issues.apache.org/jira/browse/CAMEL-12596?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16530196#comment-16530196 ] Andrea Cosentino commented on CAMEL-12596: -- We write that at the time, because we take the docs from the Kafka official documentation and use that to illustrate what each option means. > Camel-Kafka security protocol SASL_PLAINTEXT not supported > -- > > Key: CAMEL-12596 > URL: https://issues.apache.org/jira/browse/CAMEL-12596 > Project: Camel > Issue Type: Improvement > Components: camel-kafka >Affects Versions: 2.21.1 > Environment: * ActiveMQ v5.15.4 > * Camel:2.21.1 > * Kafka Clients: 1.1.0 > * Server Version: Apache/2.4.6(CentOS) >Reporter: Lizuca Mihaescu >Priority: Major > > I need to route ActiveMQ messages to Kafka(Cloudera) through Camel using > authentication protocol Kerberos. > > Kafka Security documentation states that it only supports *SASL_PLAINTEXT* > and *SASL_SSL* for Kerberos: > [https://www.cloudera.com/documentation/kafka/2-0-x/topics/kafka_security.html] > > | ** |*SSL*|*Kerberos*| > |PLAINTEXT|No|No| > |SSL|Yes|No| > |SASL_PLAINTEXT|No|Yes| > |SASL_SSL|Yes|Yes| > > > > On the other hand when I try to use *SASL_PLAINTEXT* for security protocol in > Camel I am getting an error during the ActiveMQ starting. As a result > ActiveMQ will not start. > > I took the latest Camel code from: [https://github.com/apache/camel.git] and > it states that it only supports *SSL* and *PLAINTEXT* as security protocols > values. > > | *securityProtocol* (security) | Protocol used to communicate with brokers. > Currently only PLAINTEXT and SSL are supported. | PLAINTEXT | String > > > I did find this solved issue: [https://access.redhat.com/solutions/3364871] > but I did not find any evidence that this is working in the latest Camel > version. > > My Camel setup fragment is: > {code:java} > uri="kafka://10.100.70.00:9092?topic=MyEvents.s1.v1&brokers=10.100.70.00:9092&requestTimeoutMs=305000&retries=3&keySerializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&saslMechanism=GSSAPI&serializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&securityProtocol=SASL_PLAINTEXT&saslKerberosServiceName=kafka"/>{code} > > I am using an external Jaas configuration file: > {code:java} > KafkaClient { > com.sun.security.auth.module.Krb5LoginModule required > useKeyTab=true > storeKey=true > keyTab="./user.keytab" > useTicketCache=false > serviceName="kafka" > principal=" Group/u...@domain.lan"; > };{code} > Why Camel does not support *SASL_PLAINTEXT* *and* *SASL_SSL*? > > Please help me this is *VERY IMPORTANT* for the project I am working on and > this issue is considered a blocker. I am also an experienced Java programmer > and I am willing to contribute if necessary to the open source code for such > implementation if the need may be. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CAMEL-12596) Camel-Kafka security protocol SASL_PLAINTEXT not supported
[ https://issues.apache.org/jira/browse/CAMEL-12596?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16530189#comment-16530189 ] Andrea Cosentino commented on CAMEL-12596: -- Because when we did that javadoc we take what it was inside the Kafka client docs at that time. [https://github.com/apache/camel/commit/b2aa831da8c8f78f7d6ca908c5b33957bbc7fa24] SASL_PLAINTEXT and SASL_SSL was introduced in 0.9.x > Camel-Kafka security protocol SASL_PLAINTEXT not supported > -- > > Key: CAMEL-12596 > URL: https://issues.apache.org/jira/browse/CAMEL-12596 > Project: Camel > Issue Type: Improvement > Components: camel-kafka >Affects Versions: 2.21.1 > Environment: * ActiveMQ v5.15.4 > * Camel:2.21.1 > * Kafka Clients: 1.1.0 > * Server Version: Apache/2.4.6(CentOS) >Reporter: Lizuca Mihaescu >Priority: Major > > I need to route ActiveMQ messages to Kafka(Cloudera) through Camel using > authentication protocol Kerberos. > > Kafka Security documentation states that it only supports *SASL_PLAINTEXT* > and *SASL_SSL* for Kerberos: > [https://www.cloudera.com/documentation/kafka/2-0-x/topics/kafka_security.html] > > | ** |*SSL*|*Kerberos*| > |PLAINTEXT|No|No| > |SSL|Yes|No| > |SASL_PLAINTEXT|No|Yes| > |SASL_SSL|Yes|Yes| > > > > On the other hand when I try to use *SASL_PLAINTEXT* for security protocol in > Camel I am getting an error during the ActiveMQ starting. As a result > ActiveMQ will not start. > > I took the latest Camel code from: [https://github.com/apache/camel.git] and > it states that it only supports *SSL* and *PLAINTEXT* as security protocols > values. > > | *securityProtocol* (security) | Protocol used to communicate with brokers. > Currently only PLAINTEXT and SSL are supported. | PLAINTEXT | String > > > I did find this solved issue: [https://access.redhat.com/solutions/3364871] > but I did not find any evidence that this is working in the latest Camel > version. > > My Camel setup fragment is: > {code:java} > uri="kafka://10.100.70.00:9092?topic=MyEvents.s1.v1&brokers=10.100.70.00:9092&requestTimeoutMs=305000&retries=3&keySerializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&saslMechanism=GSSAPI&serializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&securityProtocol=SASL_PLAINTEXT&saslKerberosServiceName=kafka"/>{code} > > I am using an external Jaas configuration file: > {code:java} > KafkaClient { > com.sun.security.auth.module.Krb5LoginModule required > useKeyTab=true > storeKey=true > keyTab="./user.keytab" > useTicketCache=false > serviceName="kafka" > principal=" Group/u...@domain.lan"; > };{code} > Why Camel does not support *SASL_PLAINTEXT* *and* *SASL_SSL*? > > Please help me this is *VERY IMPORTANT* for the project I am working on and > this issue is considered a blocker. I am also an experienced Java programmer > and I am willing to contribute if necessary to the open source code for such > implementation if the need may be. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CAMEL-12596) Camel-Kafka security protocol SASL_PLAINTEXT not supported
[ https://issues.apache.org/jira/browse/CAMEL-12596?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16530182#comment-16530182 ] Lizuca Mihaescu commented on CAMEL-12596: - Unfortunately it is hard to explain what is going on :(. By trying various settings I got to the idea that SASL_PLAINTEXT is somehow not accepted. By looking into the Camel code where it states that only PLAINTEXT and SSL are supported I decided to come here and open this issue. Why would they write into the code that only SSL and PLAINTEXT are supported when more are supposedly supported? > Camel-Kafka security protocol SASL_PLAINTEXT not supported > -- > > Key: CAMEL-12596 > URL: https://issues.apache.org/jira/browse/CAMEL-12596 > Project: Camel > Issue Type: Improvement > Components: camel-kafka >Affects Versions: 2.21.1 > Environment: * ActiveMQ v5.15.4 > * Camel:2.21.1 > * Kafka Clients: 1.1.0 > * Server Version: Apache/2.4.6(CentOS) >Reporter: Lizuca Mihaescu >Priority: Major > > I need to route ActiveMQ messages to Kafka(Cloudera) through Camel using > authentication protocol Kerberos. > > Kafka Security documentation states that it only supports *SASL_PLAINTEXT* > and *SASL_SSL* for Kerberos: > [https://www.cloudera.com/documentation/kafka/2-0-x/topics/kafka_security.html] > > | ** |*SSL*|*Kerberos*| > |PLAINTEXT|No|No| > |SSL|Yes|No| > |SASL_PLAINTEXT|No|Yes| > |SASL_SSL|Yes|Yes| > > > > On the other hand when I try to use *SASL_PLAINTEXT* for security protocol in > Camel I am getting an error during the ActiveMQ starting. As a result > ActiveMQ will not start. > > I took the latest Camel code from: [https://github.com/apache/camel.git] and > it states that it only supports *SSL* and *PLAINTEXT* as security protocols > values. > > | *securityProtocol* (security) | Protocol used to communicate with brokers. > Currently only PLAINTEXT and SSL are supported. | PLAINTEXT | String > > > I did find this solved issue: [https://access.redhat.com/solutions/3364871] > but I did not find any evidence that this is working in the latest Camel > version. > > My Camel setup fragment is: > {code:java} > uri="kafka://10.100.70.00:9092?topic=MyEvents.s1.v1&brokers=10.100.70.00:9092&requestTimeoutMs=305000&retries=3&keySerializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&saslMechanism=GSSAPI&serializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&securityProtocol=SASL_PLAINTEXT&saslKerberosServiceName=kafka"/>{code} > > I am using an external Jaas configuration file: > {code:java} > KafkaClient { > com.sun.security.auth.module.Krb5LoginModule required > useKeyTab=true > storeKey=true > keyTab="./user.keytab" > useTicketCache=false > serviceName="kafka" > principal=" Group/u...@domain.lan"; > };{code} > Why Camel does not support *SASL_PLAINTEXT* *and* *SASL_SSL*? > > Please help me this is *VERY IMPORTANT* for the project I am working on and > this issue is considered a blocker. I am also an experienced Java programmer > and I am willing to contribute if necessary to the open source code for such > implementation if the need may be. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CAMEL-12596) Camel-Kafka security protocol SASL_PLAINTEXT not supported
[ https://issues.apache.org/jira/browse/CAMEL-12596?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16530174#comment-16530174 ] Lizuca Mihaescu commented on CAMEL-12596: - ActiveMQ shuts down immediately after starting. There is no error into the log during shutdown: {code:java} acks = 1 batch.size = 16384 bootstrap.servers = [10.148.70.74:9092] buffer.memory = 33554432 client.id = compression.type = none connections.max.idle.ms = 54 enable.idempotence = false interceptor.classes = [] key.serializer = class org.apache.kafka.common.serialization.ByteArraySerializer linger.ms = 0 max.block.ms = 6 max.in.flight.requests.per.connection = 5 max.request.size = 1048576 metadata.max.age.ms = 30 metric.reporters = [] metrics.num.samples = 2 metrics.recording.level = INFO metrics.sample.window.ms = 3 partitioner.class = class org.apache.kafka.clients.producer.internals.DefaultPartitioner receive.buffer.bytes = 65536 reconnect.backoff.max.ms = 1000 reconnect.backoff.ms = 50 request.timeout.ms = 305000 retries = 3 retry.backoff.ms = 100 sasl.jaas.config = [hidden] sasl.kerberos.kinit.cmd = /usr/bin/kinit sasl.kerberos.min.time.before.relogin = 6 sasl.kerberos.service.name = kafka sasl.kerberos.ticket.renew.jitter = 0.05 sasl.kerberos.ticket.renew.window.factor = 0.8 sasl.mechanism = GSSAPI security.protocol = SASL_PLAINTEXT send.buffer.bytes = 131072 ssl.cipher.suites = null ssl.enabled.protocols = [TLSv1.2, TLSv1.1, TLSv1] ssl.endpoint.identification.algorithm = null ssl.key.password = null ssl.keymanager.algorithm = SunX509 ssl.keystore.location = null ssl.keystore.password = null ssl.keystore.type = JKS ssl.protocol = TLS ssl.provider = null ssl.secure.random.implementation = null ssl.trustmanager.algorithm = PKIX ssl.truststore.location = null ssl.truststore.password = null ssl.truststore.type = JKS transaction.timeout.ms = 6 transactional.id = null value.serializer = class org.apache.kafka.common.serialization.ByteArraySerializer{code} {code:java} 2018-07-02 18:27:16,382 | INFO | [Producer clientId=producer-1] Closing the Kafka producer with timeoutMillis = 0 ms. | org.apache.kafka.clients.producer.KafkaProducer | main 2018-07-02 18:27:16,384 | INFO | Apache Camel 2.21.0 (CamelContext: camel) is shutting down | org.apache.camel.spring.SpringCamelContext | main 2018-07-02 18:27:16,388 | DEBUG | Shutting down with no inflight threads. | org.apache.camel.impl.DefaultAsyncProcessorAwaitManager | main 2018-07-02 18:27:16,399 | DEBUG | Clearing simple language predicate cache[size=0, hits=0, misses=0, evicted=0] | org.apache.camel.language.simple.SimpleLanguage | main 2018-07-02 18:27:16,404 | DEBUG | Clearing simple language expression cache[size=1, hits=0, misses=1, evicted=0] | org.apache.camel.language.simple.SimpleLanguage | main 2018-07-02 18:27:16,407 | DEBUG | Unregistered MBean with ObjectName: org.apache.camel:context=camel,type=routecontrollers,name="camel" | org.apache.camel.management.DefaultManagementAgent | main 2018-07-02 18:27:16,410 | DEBUG | Unregistered MBean with ObjectName: org.apache.camel:context=camel,type=health,name="camel" | org.apache.camel.management.DefaultManagementAgent | main 2018-07-02 18:27:16,413 | DEBUG | Removed TimerListener: org.apache.camel.management.mbean.ManagedCamelContext@541179e7 | org.apache.camel.support.TimerListenerManager | main 2018-07-02 18:27:16,416 | DEBUG | Unregistered MBean with ObjectName: org.apache.camel:context=camel,type=context,name="camel" | org.apache.camel.management.DefaultManagementAgent | main 2018-07-02 18:27:16,419 | DEBUG | Shutting down with no inflight exchanges. | org.apache.camel.impl.DefaultInflightRepository | main 2018-07-02 18:27:16,422 | DEBUG | Stopping service pool: org.apache.camel.impl.SharedPollingConsumerServicePool@16e7b402 | org.apache.camel.impl.SharedPollingConsumerServicePool | main 2018-07-02 18:27:16,425 | DEBUG | Stopping service pool: org.apache.camel.impl.SharedProducerServicePool@2f00f851 | org.apache.camel.impl.SharedProducerServicePool | main 2018-07-02 18:27:16,428 | DEBUG | Giving time for 1 ExecutorService's to shutdown properly (acting as fail-safe) | org.apache.camel.impl.DefaultExecutorServiceManager | main 2018-07-02 18:27:16,434 | DEBUG | Shutdown of ExecutorService: java.util.concurrent.ThreadPoolExecutor@8bd86c8[Terminated, pool size = 0, active threads = 0, queued tasks = 0, completed tasks = 0] is shutdown: true and terminated: true took: 0.000 seconds. | org.apache.camel.impl.DefaultExecutorServiceManager | main 2018-07-02 18:27:16,437 | DEBUG | Unregistered MBean with ObjectName: org.apache.
[jira] [Commented] (CAMEL-12596) Camel-Kafka security protocol SASL_PLAINTEXT not supported
[ https://issues.apache.org/jira/browse/CAMEL-12596?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16529995#comment-16529995 ] Andrea Cosentino commented on CAMEL-12596: -- Can you please paste this verification error? > Camel-Kafka security protocol SASL_PLAINTEXT not supported > -- > > Key: CAMEL-12596 > URL: https://issues.apache.org/jira/browse/CAMEL-12596 > Project: Camel > Issue Type: Improvement > Components: camel-kafka >Affects Versions: 2.21.1 > Environment: * ActiveMQ v5.15.4 > * Camel:2.21.1 > * Kafka Clients: 1.1.0 > * Server Version: Apache/2.4.6(CentOS) >Reporter: Lizuca Mihaescu >Priority: Major > > I need to route ActiveMQ messages to Kafka(Cloudera) through Camel using > authentication protocol Kerberos. > > Kafka Security documentation states that it only supports *SASL_PLAINTEXT* > and *SASL_SSL* for Kerberos: > [https://www.cloudera.com/documentation/kafka/2-0-x/topics/kafka_security.html] > > | ** |*SSL*|*Kerberos*| > |PLAINTEXT|No|No| > |SSL|Yes|No| > |SASL_PLAINTEXT|No|Yes| > |SASL_SSL|Yes|Yes| > > > > On the other hand when I try to use *SASL_PLAINTEXT* for security protocol in > Camel I am getting an error during the ActiveMQ starting. As a result > ActiveMQ will not start. > > I took the latest Camel code from: [https://github.com/apache/camel.git] and > it states that it only supports *SSL* and *PLAINTEXT* as security protocols > values. > > | *securityProtocol* (security) | Protocol used to communicate with brokers. > Currently only PLAINTEXT and SSL are supported. | PLAINTEXT | String > > > I did find this solved issue: [https://access.redhat.com/solutions/3364871] > but I did not find any evidence that this is working in the latest Camel > version. > > My Camel setup fragment is: > {code:java} > uri="kafka://10.100.70.00:9092?topic=MyEvents.s1.v1&brokers=10.100.70.00:9092&requestTimeoutMs=305000&retries=3&keySerializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&saslMechanism=GSSAPI&serializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&securityProtocol=SASL_PLAINTEXT&saslKerberosServiceName=kafka"/>{code} > > I am using an external Jaas configuration file: > {code:java} > KafkaClient { > com.sun.security.auth.module.Krb5LoginModule required > useKeyTab=true > storeKey=true > keyTab="./user.keytab" > useTicketCache=false > serviceName="kafka" > principal=" Group/u...@domain.lan"; > };{code} > Why Camel does not support *SASL_PLAINTEXT* *and* *SASL_SSL*? > > Please help me this is *VERY IMPORTANT* for the project I am working on and > this issue is considered a blocker. I am also an experienced Java programmer > and I am willing to contribute if necessary to the open source code for such > implementation if the need may be. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CAMEL-12596) Camel-Kafka security protocol SASL_PLAINTEXT not supported
[ https://issues.apache.org/jira/browse/CAMEL-12596?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16529990#comment-16529990 ] Lizuca Mihaescu commented on CAMEL-12596: - [~ancosen] Actually I've tried in the past all combinations with and without saslJaasConfig and it seems like SASL_PLAINTEXT with GSSAPI are the problem. As soon as I use PLAINTEXT instead of SASL_PLAINTEXT I get no verification problem. Do you have an explanation for this? I've tried configuration: {code:java} {code} > Camel-Kafka security protocol SASL_PLAINTEXT not supported > -- > > Key: CAMEL-12596 > URL: https://issues.apache.org/jira/browse/CAMEL-12596 > Project: Camel > Issue Type: Improvement > Components: camel-kafka >Affects Versions: 2.21.1 > Environment: * ActiveMQ v5.15.4 > * Camel:2.21.1 > * Kafka Clients: 1.1.0 > * Server Version: Apache/2.4.6(CentOS) >Reporter: Lizuca Mihaescu >Priority: Major > > I need to route ActiveMQ messages to Kafka(Cloudera) through Camel using > authentication protocol Kerberos. > > Kafka Security documentation states that it only supports *SASL_PLAINTEXT* > and *SASL_SSL* for Kerberos: > [https://www.cloudera.com/documentation/kafka/2-0-x/topics/kafka_security.html] > > | ** |*SSL*|*Kerberos*| > |PLAINTEXT|No|No| > |SSL|Yes|No| > |SASL_PLAINTEXT|No|Yes| > |SASL_SSL|Yes|Yes| > > > > On the other hand when I try to use *SASL_PLAINTEXT* for security protocol in > Camel I am getting an error during the ActiveMQ starting. As a result > ActiveMQ will not start. > > I took the latest Camel code from: [https://github.com/apache/camel.git] and > it states that it only supports *SSL* and *PLAINTEXT* as security protocols > values. > > | *securityProtocol* (security) | Protocol used to communicate with brokers. > Currently only PLAINTEXT and SSL are supported. | PLAINTEXT | String > > > I did find this solved issue: [https://access.redhat.com/solutions/3364871] > but I did not find any evidence that this is working in the latest Camel > version. > > My Camel setup fragment is: > {code:java} > uri="kafka://10.100.70.00:9092?topic=MyEvents.s1.v1&brokers=10.100.70.00:9092&requestTimeoutMs=305000&retries=3&keySerializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&saslMechanism=GSSAPI&serializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&securityProtocol=SASL_PLAINTEXT&saslKerberosServiceName=kafka"/>{code} > > I am using an external Jaas configuration file: > {code:java} > KafkaClient { > com.sun.security.auth.module.Krb5LoginModule required > useKeyTab=true > storeKey=true > keyTab="./user.keytab" > useTicketCache=false > serviceName="kafka" > principal=" Group/u...@domain.lan"; > };{code} > Why Camel does not support *SASL_PLAINTEXT* *and* *SASL_SSL*? > > Please help me this is *VERY IMPORTANT* for the project I am working on and > this issue is considered a blocker. I am also an experienced Java programmer > and I am willing to contribute if necessary to the open source code for such > implementation if the need may be. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CAMEL-12596) Camel-Kafka security protocol SASL_PLAINTEXT not supported
[ https://issues.apache.org/jira/browse/CAMEL-12596?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16529933#comment-16529933 ] Andrea Cosentino commented on CAMEL-12596: -- Please try to specify the saslJaasConfig option with the content of your Jaas Config external file. Like for example: {code:java} String saslJaasConfig = "com.sun.security.auth.module.Krb5LoginModule required " + "useTicketCache=false " + "storeKey=true " + "serviceName=\"kafka\" " + "useKeyTab=true " + "keyTab=\"./user.keytab\" " + "principal=\"u...@example.com\";"); {code} and in your endpoint {code:java} "kafka://10.100.70.00:9092?topic=MyEvents.s1.v1&brokers=10.100.70.00:9092&requestTimeoutMs=305000&retries=3&keySerializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&saslMechanism=GSSAPI&serializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&securityProtocol=SASL_PLAINTEXT&saslJaasConfig=" + saslJaasConfig {code} I didn't test it, but I believe the problem is there. > Camel-Kafka security protocol SASL_PLAINTEXT not supported > -- > > Key: CAMEL-12596 > URL: https://issues.apache.org/jira/browse/CAMEL-12596 > Project: Camel > Issue Type: Improvement > Components: camel-kafka >Affects Versions: 2.21.1 > Environment: * ActiveMQ v5.15.4 > * Camel:2.21.1 > * Kafka Clients: 1.1.0 > * Server Version: Apache/2.4.6(CentOS) >Reporter: Lizuca Mihaescu >Priority: Major > > I need to route ActiveMQ messages to Kafka(Cloudera) through Camel using > authentication protocol Kerberos. > > Kafka Security documentation states that it only supports *SASL_PLAINTEXT* > and *SASL_SSL* for Kerberos: > [https://www.cloudera.com/documentation/kafka/2-0-x/topics/kafka_security.html] > > | ** |*SSL*|*Kerberos*| > |PLAINTEXT|No|No| > |SSL|Yes|No| > |SASL_PLAINTEXT|No|Yes| > |SASL_SSL|Yes|Yes| > > > > On the other hand when I try to use *SASL_PLAINTEXT* for security protocol in > Camel I am getting an error during the ActiveMQ starting. As a result > ActiveMQ will not start. > > I took the latest Camel code from: [https://github.com/apache/camel.git] and > it states that it only supports *SSL* and *PLAINTEXT* as security protocols > values. > > | *securityProtocol* (security) | Protocol used to communicate with brokers. > Currently only PLAINTEXT and SSL are supported. | PLAINTEXT | String > > > I did find this solved issue: [https://access.redhat.com/solutions/3364871] > but I did not find any evidence that this is working in the latest Camel > version. > > My Camel setup fragment is: > {code:java} > uri="kafka://10.100.70.00:9092?topic=MyEvents.s1.v1&brokers=10.100.70.00:9092&requestTimeoutMs=305000&retries=3&keySerializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&saslMechanism=GSSAPI&serializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&securityProtocol=SASL_PLAINTEXT&saslKerberosServiceName=kafka"/>{code} > > I am using an external Jaas configuration file: > {code:java} > KafkaClient { > com.sun.security.auth.module.Krb5LoginModule required > useKeyTab=true > storeKey=true > keyTab="./user.keytab" > useTicketCache=false > serviceName="kafka" > principal=" Group/u...@domain.lan"; > };{code} > Why Camel does not support *SASL_PLAINTEXT* *and* *SASL_SSL*? > > Please help me this is *VERY IMPORTANT* for the project I am working on and > this issue is considered a blocker. I am also an experienced Java programmer > and I am willing to contribute if necessary to the open source code for such > implementation if the need may be. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CAMEL-12596) Camel-Kafka security protocol SASL_PLAINTEXT not supported
[ https://issues.apache.org/jira/browse/CAMEL-12596?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16529900#comment-16529900 ] Andrea Cosentino commented on CAMEL-12596: -- By the way to me it looks always a problem in the way you're configuring your endpoint. [https://github.com/apache/kafka/blob/1.0/clients/src/main/java/org/apache/kafka/common/security/auth/SecurityProtocol.java] The SASL_PLAINTEXT security Protocol is accepted by Camel. If you can add a bit of logging it would be better. > Camel-Kafka security protocol SASL_PLAINTEXT not supported > -- > > Key: CAMEL-12596 > URL: https://issues.apache.org/jira/browse/CAMEL-12596 > Project: Camel > Issue Type: Improvement > Components: camel-kafka >Affects Versions: 2.21.1 > Environment: * ActiveMQ v5.15.4 > * Camel:2.21.1 > * Kafka Clients: 1.1.0 > * Server Version: Apache/2.4.6(CentOS) >Reporter: Lizuca Mihaescu >Priority: Major > > I need to route ActiveMQ messages to Kafka(Cloudera) through Camel using > authentication protocol Kerberos. > > Kafka Security documentation states that it only supports *SASL_PLAINTEXT* > and *SASL_SSL* for Kerberos: > [https://www.cloudera.com/documentation/kafka/2-0-x/topics/kafka_security.html] > > | ** |*SSL*|*Kerberos*| > |PLAINTEXT|No|No| > |SSL|Yes|No| > |SASL_PLAINTEXT|No|Yes| > |SASL_SSL|Yes|Yes| > > > > On the other hand when I try to use *SASL_PLAINTEXT* for security protocol in > Camel I am getting an error during the ActiveMQ starting. As a result > ActiveMQ will not start. > > I took the latest Camel code from: [https://github.com/apache/camel.git] and > it states that it only supports *SSL* and *PLAINTEXT* as security protocols > values. > > | *securityProtocol* (security) | Protocol used to communicate with brokers. > Currently only PLAINTEXT and SSL are supported. | PLAINTEXT | String > > > I did find this solved issue: [https://access.redhat.com/solutions/3364871] > but I did not find any evidence that this is working in the latest Camel > version. > > My Camel setup fragment is: > {code:java} > uri="kafka://10.100.70.00:9092?topic=MyEvents.s1.v1&brokers=10.100.70.00:9092&requestTimeoutMs=305000&retries=3&keySerializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&saslMechanism=GSSAPI&serializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&securityProtocol=SASL_PLAINTEXT&saslKerberosServiceName=kafka"/>{code} > > I am using an external Jaas configuration file: > {code:java} > KafkaClient { > com.sun.security.auth.module.Krb5LoginModule required > useKeyTab=true > storeKey=true > keyTab="./user.keytab" > useTicketCache=false > serviceName="kafka" > principal=" Group/u...@domain.lan"; > };{code} > Why Camel does not support *SASL_PLAINTEXT* *and* *SASL_SSL*? > > Please help me this is *VERY IMPORTANT* for the project I am working on and > this issue is considered a blocker. I am also an experienced Java programmer > and I am willing to contribute if necessary to the open source code for such > implementation if the need may be. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CAMEL-12596) Camel-Kafka security protocol SASL_PLAINTEXT not supported
[ https://issues.apache.org/jira/browse/CAMEL-12596?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16529721#comment-16529721 ] Andrea Cosentino commented on CAMEL-12596: -- The SASL_PLAINTEXT parameter is not accepted in combination with GSSAPI as saslMechanism > Camel-Kafka security protocol SASL_PLAINTEXT not supported > -- > > Key: CAMEL-12596 > URL: https://issues.apache.org/jira/browse/CAMEL-12596 > Project: Camel > Issue Type: Improvement > Components: camel-kafka >Affects Versions: 2.21.1 > Environment: * ActiveMQ v5.15.4 > * Camel:2.21.1 > * Kafka Clients: 1.1.0 > * Server Version: Apache/2.4.6(CentOS) >Reporter: Lizuca Mihaescu >Priority: Major > > I need to route ActiveMQ messages to Kafka(Cloudera) through Camel using > authentication protocol Kerberos. > > Kafka Security documentation states that it only supports *SASL_PLAINTEXT* > and *SASL_SSL* for Kerberos: > [https://www.cloudera.com/documentation/kafka/2-0-x/topics/kafka_security.html] > > | ** |*SSL*|*Kerberos*| > |PLAINTEXT|No|No| > |SSL|Yes|No| > |SASL_PLAINTEXT|No|Yes| > |SASL_SSL|Yes|Yes| > > > > On the other hand when I try to use *SASL_PLAINTEXT* for security protocol in > Camel I am getting an error during the ActiveMQ starting. As a result > ActiveMQ will not start. > > I took the latest Camel code from: [https://github.com/apache/camel.git] and > it states that it only supports *SSL* and *PLAINTEXT* as security protocols > values. > > | *securityProtocol* (security) | Protocol used to communicate with brokers. > Currently only PLAINTEXT and SSL are supported. | PLAINTEXT | String > > > I did find this solved issue: [https://access.redhat.com/solutions/3364871] > but I did not find any evidence that this is working in the latest Camel > version. > > My Camel setup fragment is: > {code:java} > uri="kafka://10.100.70.00:9092?topic=MyEvents.s1.v1&brokers=10.100.70.00:9092&requestTimeoutMs=305000&retries=3&keySerializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&saslMechanism=GSSAPI&serializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&securityProtocol=SASL_PLAINTEXT&saslKerberosServiceName=kafka"/>{code} > > I am using an external Jaas configuration file: > {code:java} > KafkaClient { > com.sun.security.auth.module.Krb5LoginModule required > useKeyTab=true > storeKey=true > keyTab="./user.keytab" > useTicketCache=false > serviceName="kafka" > principal=" Group/u...@domain.lan"; > };{code} > Why Camel does not support *SASL_PLAINTEXT* *and* *SASL_SSL*? > > Please help me this is *VERY IMPORTANT* for the project I am working on and > this issue is considered a blocker. I am also an experienced Java programmer > and I am willing to contribute if necessary to the open source code for such > implementation if the need may be. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CAMEL-12596) Camel-Kafka security protocol SASL_PLAINTEXT not supported
[ https://issues.apache.org/jira/browse/CAMEL-12596?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16529705#comment-16529705 ] Andrea Cosentino commented on CAMEL-12596: -- This wasn't clear from the beginning. That's why I was asking you the details. > Camel-Kafka security protocol SASL_PLAINTEXT not supported > -- > > Key: CAMEL-12596 > URL: https://issues.apache.org/jira/browse/CAMEL-12596 > Project: Camel > Issue Type: Improvement > Components: camel-kafka >Affects Versions: 2.21.1 > Environment: * ActiveMQ v5.15.4 > * Camel:2.21.1 > * Kafka Clients: 1.1.0 > * Server Version: Apache/2.4.6(CentOS) >Reporter: Lizuca Mihaescu >Priority: Major > > I need to route ActiveMQ messages to Kafka(Cloudera) through Camel using > authentication protocol Kerberos. > > Kafka Security documentation states that it only supports *SASL_PLAINTEXT* > and *SASL_SSL* for Kerberos: > [https://www.cloudera.com/documentation/kafka/2-0-x/topics/kafka_security.html] > > | ** |*SSL*|*Kerberos*| > |PLAINTEXT|No|No| > |SSL|Yes|No| > |SASL_PLAINTEXT|No|Yes| > |SASL_SSL|Yes|Yes| > > > > On the other hand when I try to use *SASL_PLAINTEXT* for security protocol in > Camel I am getting an error during the ActiveMQ starting. As a result > ActiveMQ will not start. > > I took the latest Camel code from: [https://github.com/apache/camel.git] and > it states that it only supports *SSL* and *PLAINTEXT* as security protocols > values. > > | *securityProtocol* (security) | Protocol used to communicate with brokers. > Currently only PLAINTEXT and SSL are supported. | PLAINTEXT | String > > > I did find this solved issue: [https://access.redhat.com/solutions/3364871] > but I did not find any evidence that this is working in the latest Camel > version. > > My Camel setup fragment is: > {code:java} > uri="kafka://10.100.70.00:9092?topic=MyEvents.s1.v1&brokers=10.100.70.00:9092&requestTimeoutMs=305000&retries=3&keySerializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&saslMechanism=GSSAPI&serializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&securityProtocol=SASL_PLAINTEXT&saslKerberosServiceName=kafka"/>{code} > > I am using an external Jaas configuration file: > {code:java} > KafkaClient { > com.sun.security.auth.module.Krb5LoginModule required > useKeyTab=true > storeKey=true > keyTab="./user.keytab" > useTicketCache=false > serviceName="kafka" > principal=" Group/u...@domain.lan"; > };{code} > Why Camel does not support *SASL_PLAINTEXT* *and* *SASL_SSL*? > > Please help me this is *VERY IMPORTANT* for the project I am working on and > this issue is considered a blocker. I am also an experienced Java programmer > and I am willing to contribute if necessary to the open source code for such > implementation if the need may be. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CAMEL-12596) Camel-Kafka security protocol SASL_PLAINTEXT not supported
[ https://issues.apache.org/jira/browse/CAMEL-12596?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16529703#comment-16529703 ] Lizuca Mihaescu commented on CAMEL-12596: - [~ancosen] I am not very familiar with Camel internals but I believe the Camel parameters shall be verified so user does not enter garbage and the configuration could be loaded. I do not believe that ActiveMQ shall be aware of the valid parameters for Camel configuration. During such process Camel throws a verification exception therefore ActiveMQ does not start. So, during the Camel parameters verification process the SASL_PLAINTEXT is not accepted as a parameter. This is easy to try with any Camel configurations you might have. Just try to enter securityProtocol=SASL_PLAINTEXT and you will get an error during the verification stage which takes place at ActiveMQ startup. Let me know if you can try this suggested test. If not, as right now I do not have access to my test setup but as soon as I get access I will provide you with all my details. > Camel-Kafka security protocol SASL_PLAINTEXT not supported > -- > > Key: CAMEL-12596 > URL: https://issues.apache.org/jira/browse/CAMEL-12596 > Project: Camel > Issue Type: Improvement > Components: camel-kafka >Affects Versions: 2.21.1 > Environment: * ActiveMQ v5.15.4 > * Camel:2.21.1 > * Kafka Clients: 1.1.0 > * Server Version: Apache/2.4.6(CentOS) >Reporter: Lizuca Mihaescu >Priority: Major > > I need to route ActiveMQ messages to Kafka(Cloudera) through Camel using > authentication protocol Kerberos. > > Kafka Security documentation states that it only supports *SASL_PLAINTEXT* > and *SASL_SSL* for Kerberos: > [https://www.cloudera.com/documentation/kafka/2-0-x/topics/kafka_security.html] > > | ** |*SSL*|*Kerberos*| > |PLAINTEXT|No|No| > |SSL|Yes|No| > |SASL_PLAINTEXT|No|Yes| > |SASL_SSL|Yes|Yes| > > > > On the other hand when I try to use *SASL_PLAINTEXT* for security protocol in > Camel I am getting an error during the ActiveMQ starting. As a result > ActiveMQ will not start. > > I took the latest Camel code from: [https://github.com/apache/camel.git] and > it states that it only supports *SSL* and *PLAINTEXT* as security protocols > values. > > | *securityProtocol* (security) | Protocol used to communicate with brokers. > Currently only PLAINTEXT and SSL are supported. | PLAINTEXT | String > > > I did find this solved issue: [https://access.redhat.com/solutions/3364871] > but I did not find any evidence that this is working in the latest Camel > version. > > My Camel setup fragment is: > {code:java} > uri="kafka://10.100.70.00:9092?topic=MyEvents.s1.v1&brokers=10.100.70.00:9092&requestTimeoutMs=305000&retries=3&keySerializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&saslMechanism=GSSAPI&serializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&securityProtocol=SASL_PLAINTEXT&saslKerberosServiceName=kafka"/>{code} > > I am using an external Jaas configuration file: > {code:java} > KafkaClient { > com.sun.security.auth.module.Krb5LoginModule required > useKeyTab=true > storeKey=true > keyTab="./user.keytab" > useTicketCache=false > serviceName="kafka" > principal=" Group/u...@domain.lan"; > };{code} > Why Camel does not support *SASL_PLAINTEXT* *and* *SASL_SSL*? > > Please help me this is *VERY IMPORTANT* for the project I am working on and > this issue is considered a blocker. I am also an experienced Java programmer > and I am willing to contribute if necessary to the open source code for such > implementation if the need may be. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CAMEL-12596) Camel-Kafka security protocol SASL_PLAINTEXT not supported
[ https://issues.apache.org/jira/browse/CAMEL-12596?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16529687#comment-16529687 ] Andrea Cosentino commented on CAMEL-12596: -- I still don't understand, but if your route doesn't fail the problem seems to be in ActiveMQ side more than in Camel. Can you create a reproducer? > Camel-Kafka security protocol SASL_PLAINTEXT not supported > -- > > Key: CAMEL-12596 > URL: https://issues.apache.org/jira/browse/CAMEL-12596 > Project: Camel > Issue Type: Improvement > Components: camel-kafka >Affects Versions: 2.21.1 > Environment: * ActiveMQ v5.15.4 > * Camel:2.21.1 > * Kafka Clients: 1.1.0 > * Server Version: Apache/2.4.6(CentOS) >Reporter: Lizuca Mihaescu >Priority: Major > > I need to route ActiveMQ messages to Kafka(Cloudera) through Camel using > authentication protocol Kerberos. > > Kafka Security documentation states that it only supports *SASL_PLAINTEXT* > and *SASL_SSL* for Kerberos: > [https://www.cloudera.com/documentation/kafka/2-0-x/topics/kafka_security.html] > > | ** |*SSL*|*Kerberos*| > |PLAINTEXT|No|No| > |SSL|Yes|No| > |SASL_PLAINTEXT|No|Yes| > |SASL_SSL|Yes|Yes| > > > > On the other hand when I try to use *SASL_PLAINTEXT* for security protocol in > Camel I am getting an error during the ActiveMQ starting. As a result > ActiveMQ will not start. > > I took the latest Camel code from: [https://github.com/apache/camel.git] and > it states that it only supports *SSL* and *PLAINTEXT* as security protocols > values. > > | *securityProtocol* (security) | Protocol used to communicate with brokers. > Currently only PLAINTEXT and SSL are supported. | PLAINTEXT | String > > > I did find this solved issue: [https://access.redhat.com/solutions/3364871] > but I did not find any evidence that this is working in the latest Camel > version. > > My Camel setup fragment is: > {code:java} > uri="kafka://10.100.70.00:9092?topic=MyEvents.s1.v1&brokers=10.100.70.00:9092&requestTimeoutMs=305000&retries=3&keySerializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&saslMechanism=GSSAPI&serializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&securityProtocol=SASL_PLAINTEXT&saslKerberosServiceName=kafka"/>{code} > > I am using an external Jaas configuration file: > {code:java} > KafkaClient { > com.sun.security.auth.module.Krb5LoginModule required > useKeyTab=true > storeKey=true > keyTab="./user.keytab" > useTicketCache=false > serviceName="kafka" > principal=" Group/u...@domain.lan"; > };{code} > Why Camel does not support *SASL_PLAINTEXT* *and* *SASL_SSL*? > > Please help me this is *VERY IMPORTANT* for the project I am working on and > this issue is considered a blocker. I am also an experienced Java programmer > and I am willing to contribute if necessary to the open source code for such > implementation if the need may be. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CAMEL-12596) Camel-Kafka security protocol SASL_PLAINTEXT not supported
[ https://issues.apache.org/jira/browse/CAMEL-12596?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16529677#comment-16529677 ] Lizuca Mihaescu commented on CAMEL-12596: - [~ancosen] The Camel route is not failing :( (that would be good news for me) the ActiveMQ does not start at all when I use SASL_PLAINTEXT instead of PLAINTEXT. That means Camel does not accept SASL_PLAINTEXT as security protocol value as described above. > Camel-Kafka security protocol SASL_PLAINTEXT not supported > -- > > Key: CAMEL-12596 > URL: https://issues.apache.org/jira/browse/CAMEL-12596 > Project: Camel > Issue Type: Improvement > Components: camel-kafka >Affects Versions: 2.21.1 > Environment: * ActiveMQ v5.15.4 > * Camel:2.21.1 > * Kafka Clients: 1.1.0 > * Server Version: Apache/2.4.6(CentOS) >Reporter: Lizuca Mihaescu >Priority: Major > > I need to route ActiveMQ messages to Kafka(Cloudera) through Camel using > authentication protocol Kerberos. > > Kafka Security documentation states that it only supports *SASL_PLAINTEXT* > and *SASL_SSL* for Kerberos: > [https://www.cloudera.com/documentation/kafka/2-0-x/topics/kafka_security.html] > > | ** |*SSL*|*Kerberos*| > |PLAINTEXT|No|No| > |SSL|Yes|No| > |SASL_PLAINTEXT|No|Yes| > |SASL_SSL|Yes|Yes| > > > > On the other hand when I try to use *SASL_PLAINTEXT* for security protocol in > Camel I am getting an error during the ActiveMQ starting. As a result > ActiveMQ will not start. > > I took the latest Camel code from: [https://github.com/apache/camel.git] and > it states that it only supports *SSL* and *PLAINTEXT* as security protocols > values. > > | *securityProtocol* (security) | Protocol used to communicate with brokers. > Currently only PLAINTEXT and SSL are supported. | PLAINTEXT | String > > > I did find this solved issue: [https://access.redhat.com/solutions/3364871] > but I did not find any evidence that this is working in the latest Camel > version. > > My Camel setup fragment is: > {code:java} > uri="kafka://10.100.70.00:9092?topic=MyEvents.s1.v1&brokers=10.100.70.00:9092&requestTimeoutMs=305000&retries=3&keySerializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&saslMechanism=GSSAPI&serializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&securityProtocol=SASL_PLAINTEXT&saslKerberosServiceName=kafka"/>{code} > > I am using an external Jaas configuration file: > {code:java} > KafkaClient { > com.sun.security.auth.module.Krb5LoginModule required > useKeyTab=true > storeKey=true > keyTab="./user.keytab" > useTicketCache=false > serviceName="kafka" > principal=" Group/u...@domain.lan"; > };{code} > Why Camel does not support *SASL_PLAINTEXT* *and* *SASL_SSL*? > > Please help me this is *VERY IMPORTANT* for the project I am working on and > this issue is considered a blocker. I am also an experienced Java programmer > and I am willing to contribute if necessary to the open source code for such > implementation if the need may be. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CAMEL-12596) Camel-Kafka security protocol SASL_PLAINTEXT not supported
[ https://issues.apache.org/jira/browse/CAMEL-12596?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16529651#comment-16529651 ] Andrea Cosentino commented on CAMEL-12596: -- Can you add the log of your Camel route while is failing? > Camel-Kafka security protocol SASL_PLAINTEXT not supported > -- > > Key: CAMEL-12596 > URL: https://issues.apache.org/jira/browse/CAMEL-12596 > Project: Camel > Issue Type: Improvement > Components: camel-kafka >Affects Versions: 2.21.1 > Environment: * ActiveMQ v5.15.4 > * Camel:2.21.1 > * Kafka Clients: 1.1.0 > * Server Version: Apache/2.4.6(CentOS) >Reporter: Lizuca Mihaescu >Priority: Major > > I need to route ActiveMQ messages to Kafka(Cloudera) through Camel using > authentication protocol Kerberos. > > Kafka Security documentation states that it only supports *SASL_PLAINTEXT* > and *SASL_SSL* for Kerberos: > [https://www.cloudera.com/documentation/kafka/2-0-x/topics/kafka_security.html] > > | ** |*SSL*|*Kerberos*| > |PLAINTEXT|No|No| > |SSL|Yes|No| > |SASL_PLAINTEXT|No|Yes| > |SASL_SSL|Yes|Yes| > > > > On the other hand when I try to use *SASL_PLAINTEXT* for security protocol in > Camel I am getting an error during the ActiveMQ starting. As a result > ActiveMQ will not start. > > I took the latest Camel code from: [https://github.com/apache/camel.git] and > it states that it only supports *SSL* and *PLAINTEXT* as security protocols > values. > > | *securityProtocol* (security) | Protocol used to communicate with brokers. > Currently only PLAINTEXT and SSL are supported. | PLAINTEXT | String > > > I did find this solved issue: [https://access.redhat.com/solutions/3364871] > but I did not find any evidence that this is working in the latest Camel > version. > > My Camel setup fragment is: > {code:java} > uri="kafka://10.100.70.00:9092?topic=MyEvents.s1.v1&brokers=10.100.70.00:9092&requestTimeoutMs=305000&retries=3&keySerializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&saslMechanism=GSSAPI&serializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&securityProtocol=SASL_PLAINTEXT&saslKerberosServiceName=kafka"/>{code} > > I am using an external Jaas configuration file: > {code:java} > KafkaClient { > com.sun.security.auth.module.Krb5LoginModule required > useKeyTab=true > storeKey=true > keyTab="./user.keytab" > useTicketCache=false > serviceName="kafka" > principal=" Group/u...@domain.lan"; > };{code} > Why Camel does not support *SASL_PLAINTEXT* *and* *SASL_SSL*? > > Please help me this is *VERY IMPORTANT* for the project I am working on and > this issue is considered a blocker. I am also an experienced Java programmer > and I am willing to contribute if necessary to the open source code for such > implementation if the need may be. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CAMEL-12596) Camel-Kafka security protocol SASL_PLAINTEXT not supported
[ https://issues.apache.org/jira/browse/CAMEL-12596?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16529640#comment-16529640 ] Lizuca Mihaescu commented on CAMEL-12596: - [~ancosen] As evidence I've cloned the latest Camel code: [https://github.com/apache/camel.git] and I was not able to find any SASL_PLAINTEXT constant into the code. In the file KafkaComponentConfiguration.java I did find the following lines: {code:java} /** * Protocol used to communicate with brokers. Currently only PLAINTEXT * and SSL are supported. */ private String securityProtocol = "PLAINTEXT";{code} I do not doubt that the mapping is done internally with Kafka Client. The problem stated here is that in the above described case the mapping is missing :(. That means the SASL_PLAINTEXT is not accepted as value for securityProtocol. This is a critical issue for the project I am working on as I cannot produce messages to Kafka through Cloudera as long as the security protocol value SASL_PLAINTEXT is not a recognised value for securityProtocol by Camel. I could not find any test in Kafka to prove this value is accepted. > Camel-Kafka security protocol SASL_PLAINTEXT not supported > -- > > Key: CAMEL-12596 > URL: https://issues.apache.org/jira/browse/CAMEL-12596 > Project: Camel > Issue Type: Improvement > Components: camel-kafka >Affects Versions: 2.21.1 > Environment: * ActiveMQ v5.15.4 > * Camel:2.21.1 > * Kafka Clients: 1.1.0 > * Server Version: Apache/2.4.6(CentOS) >Reporter: Lizuca Mihaescu >Priority: Major > > I need to route ActiveMQ messages to Kafka(Cloudera) through Camel using > authentication protocol Kerberos. > > Kafka Security documentation states that it only supports *SASL_PLAINTEXT* > and *SASL_SSL* for Kerberos: > [https://www.cloudera.com/documentation/kafka/2-0-x/topics/kafka_security.html] > > | ** |*SSL*|*Kerberos*| > |PLAINTEXT|No|No| > |SSL|Yes|No| > |SASL_PLAINTEXT|No|Yes| > |SASL_SSL|Yes|Yes| > > > > On the other hand when I try to use *SASL_PLAINTEXT* for security protocol in > Camel I am getting an error during the ActiveMQ starting. As a result > ActiveMQ will not start. > > I took the latest Camel code from: [https://github.com/apache/camel.git] and > it states that it only supports *SSL* and *PLAINTEXT* as security protocols > values. > > | *securityProtocol* (security) | Protocol used to communicate with brokers. > Currently only PLAINTEXT and SSL are supported. | PLAINTEXT | String > > > I did find this solved issue: [https://access.redhat.com/solutions/3364871] > but I did not find any evidence that this is working in the latest Camel > version. > > My Camel setup fragment is: > {code:java} > uri="kafka://10.100.70.00:9092?topic=MyEvents.s1.v1&brokers=10.100.70.00:9092&requestTimeoutMs=305000&retries=3&keySerializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&saslMechanism=GSSAPI&serializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&securityProtocol=SASL_PLAINTEXT&saslKerberosServiceName=kafka"/>{code} > > I am using an external Jaas configuration file: > {code:java} > KafkaClient { > com.sun.security.auth.module.Krb5LoginModule required > useKeyTab=true > storeKey=true > keyTab="./user.keytab" > useTicketCache=false > serviceName="kafka" > principal=" Group/u...@domain.lan"; > };{code} > Why Camel does not support *SASL_PLAINTEXT* *and* *SASL_SSL*? > > Please help me this is *VERY IMPORTANT* for the project I am working on and > this issue is considered a blocker. I am also an experienced Java programmer > and I am willing to contribute if necessary to the open source code for such > implementation if the need may be. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CAMEL-12596) Camel-Kafka security protocol SASL_PLAINTEXT not supported
[ https://issues.apache.org/jira/browse/CAMEL-12596?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16529636#comment-16529636 ] Andrea Cosentino commented on CAMEL-12596: -- By the way I don't think you're using a good approach, you're reporting an issue and that's fine, but you cannot pretend any assignee will try to reconstruct your environment and run/test everything for you. At least you need to provide a reproducer. The community works on this project during free time, so you cannot just "pretend". > Camel-Kafka security protocol SASL_PLAINTEXT not supported > -- > > Key: CAMEL-12596 > URL: https://issues.apache.org/jira/browse/CAMEL-12596 > Project: Camel > Issue Type: Improvement > Components: camel-kafka >Affects Versions: 2.21.1 > Environment: * ActiveMQ v5.15.4 > * Camel:2.21.1 > * Kafka Clients: 1.1.0 > * Server Version: Apache/2.4.6(CentOS) >Reporter: Lizuca Mihaescu >Priority: Major > > I need to route ActiveMQ messages to Kafka(Cloudera) through Camel using > authentication protocol Kerberos. > > Kafka Security documentation states that it only supports *SASL_PLAINTEXT* > and *SASL_SSL* for Kerberos: > [https://www.cloudera.com/documentation/kafka/2-0-x/topics/kafka_security.html] > > | ** |*SSL*|*Kerberos*| > |PLAINTEXT|No|No| > |SSL|Yes|No| > |SASL_PLAINTEXT|No|Yes| > |SASL_SSL|Yes|Yes| > > > > On the other hand when I try to use *SASL_PLAINTEXT* for security protocol in > Camel I am getting an error during the ActiveMQ starting. As a result > ActiveMQ will not start. > > I took the latest Camel code from: [https://github.com/apache/camel.git] and > it states that it only supports *SSL* and *PLAINTEXT* as security protocols > values. > > | *securityProtocol* (security) | Protocol used to communicate with brokers. > Currently only PLAINTEXT and SSL are supported. | PLAINTEXT | String > > > I did find this solved issue: [https://access.redhat.com/solutions/3364871] > but I did not find any evidence that this is working in the latest Camel > version. > > My Camel setup fragment is: > {code:java} > uri="kafka://10.100.70.00:9092?topic=MyEvents.s1.v1&brokers=10.100.70.00:9092&requestTimeoutMs=305000&retries=3&keySerializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&saslMechanism=GSSAPI&serializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&securityProtocol=SASL_PLAINTEXT&saslKerberosServiceName=kafka"/>{code} > > I am using an external Jaas configuration file: > {code:java} > KafkaClient { > com.sun.security.auth.module.Krb5LoginModule required > useKeyTab=true > storeKey=true > keyTab="./user.keytab" > useTicketCache=false > serviceName="kafka" > principal=" Group/u...@domain.lan"; > };{code} > Why Camel does not support *SASL_PLAINTEXT* *and* *SASL_SSL*? > > Please help me this is *VERY IMPORTANT* for the project I am working on and > this issue is considered a blocker. I am also an experienced Java programmer > and I am willing to contribute if necessary to the open source code for such > implementation if the need may be. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CAMEL-12596) Camel-Kafka security protocol SASL_PLAINTEXT not supported
[ https://issues.apache.org/jira/browse/CAMEL-12596?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16529601#comment-16529601 ] Andrea Cosentino commented on CAMEL-12596: -- If you want Enterprise support there are solutions like the Red Hat one. > Camel-Kafka security protocol SASL_PLAINTEXT not supported > -- > > Key: CAMEL-12596 > URL: https://issues.apache.org/jira/browse/CAMEL-12596 > Project: Camel > Issue Type: Improvement > Components: camel-kafka >Affects Versions: 2.21.1 > Environment: * ActiveMQ v5.15.4 > * Camel:2.21.1 > * Kafka Clients: 1.1.0 > * Server Version: Apache/2.4.6(CentOS) >Reporter: Lizuca Mihaescu >Priority: Major > > I need to route ActiveMQ messages to Kafka(Cloudera) through Camel using > authentication protocol Kerberos. > > Kafka Security documentation states that it only supports *SASL_PLAINTEXT* > and *SASL_SSL* for Kerberos: > [https://www.cloudera.com/documentation/kafka/2-0-x/topics/kafka_security.html] > > | ** |*SSL*|*Kerberos*| > |PLAINTEXT|No|No| > |SSL|Yes|No| > |SASL_PLAINTEXT|No|Yes| > |SASL_SSL|Yes|Yes| > > > > On the other hand when I try to use *SASL_PLAINTEXT* for security protocol in > Camel I am getting an error during the ActiveMQ starting. As a result > ActiveMQ will not start. > > I took the latest Camel code from: [https://github.com/apache/camel.git] and > it states that it only supports *SSL* and *PLAINTEXT* as security protocols > values. > > | *securityProtocol* (security) | Protocol used to communicate with brokers. > Currently only PLAINTEXT and SSL are supported. | PLAINTEXT | String > > > I did find this solved issue: [https://access.redhat.com/solutions/3364871] > but I did not find any evidence that this is working in the latest Camel > version. > > My Camel setup fragment is: > {code:java} > uri="kafka://10.100.70.00:9092?topic=MyEvents.s1.v1&brokers=10.100.70.00:9092&requestTimeoutMs=305000&retries=3&keySerializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&saslMechanism=GSSAPI&serializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&securityProtocol=SASL_PLAINTEXT&saslKerberosServiceName=kafka"/>{code} > > I am using an external Jaas configuration file: > {code:java} > KafkaClient { > com.sun.security.auth.module.Krb5LoginModule required > useKeyTab=true > storeKey=true > keyTab="./user.keytab" > useTicketCache=false > serviceName="kafka" > principal=" Group/u...@domain.lan"; > };{code} > Why Camel does not support *SASL_PLAINTEXT* *and* *SASL_SSL*? > > Please help me this is *VERY IMPORTANT* for the project I am working on and > this issue is considered a blocker. I am also an experienced Java programmer > and I am willing to contribute if necessary to the open source code for such > implementation if the need may be. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CAMEL-12596) Camel-Kafka security protocol SASL_PLAINTEXT not supported
[ https://issues.apache.org/jira/browse/CAMEL-12596?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16529596#comment-16529596 ] Andrea Cosentino commented on CAMEL-12596: -- The docs provided must be updated, but the reproducer used by that guy works. I cannot test your application or reconstruct everything without a reproducer. I can reopen this, but it doesn't make sense. The mapping between the options in kafka and camel are one to one, so if you use security Protocol the allowed values are the same as in Kafka. So it's probably more a problem in your configuration than in camel itself. I'm reopening this if you want, but I doubt someone can test everything for you. > Camel-Kafka security protocol SASL_PLAINTEXT not supported > -- > > Key: CAMEL-12596 > URL: https://issues.apache.org/jira/browse/CAMEL-12596 > Project: Camel > Issue Type: Improvement > Components: camel-kafka >Affects Versions: 2.21.1 > Environment: * ActiveMQ v5.15.4 > * Camel:2.21.1 > * Kafka Clients: 1.1.0 > * Server Version: Apache/2.4.6(CentOS) >Reporter: Lizuca Mihaescu >Priority: Major > > I need to route ActiveMQ messages to Kafka(Cloudera) through Camel using > authentication protocol Kerberos. > > Kafka Security documentation states that it only supports *SASL_PLAINTEXT* > and *SASL_SSL* for Kerberos: > [https://www.cloudera.com/documentation/kafka/2-0-x/topics/kafka_security.html] > > | ** |*SSL*|*Kerberos*| > |PLAINTEXT|No|No| > |SSL|Yes|No| > |SASL_PLAINTEXT|No|Yes| > |SASL_SSL|Yes|Yes| > > > > On the other hand when I try to use *SASL_PLAINTEXT* for security protocol in > Camel I am getting an error during the ActiveMQ starting. As a result > ActiveMQ will not start. > > I took the latest Camel code from: [https://github.com/apache/camel.git] and > it states that it only supports *SSL* and *PLAINTEXT* as security protocols > values. > > | *securityProtocol* (security) | Protocol used to communicate with brokers. > Currently only PLAINTEXT and SSL are supported. | PLAINTEXT | String > > > I did find this solved issue: [https://access.redhat.com/solutions/3364871] > but I did not find any evidence that this is working in the latest Camel > version. > > My Camel setup fragment is: > {code:java} > uri="kafka://10.100.70.00:9092?topic=MyEvents.s1.v1&brokers=10.100.70.00:9092&requestTimeoutMs=305000&retries=3&keySerializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&saslMechanism=GSSAPI&serializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&securityProtocol=SASL_PLAINTEXT&saslKerberosServiceName=kafka"/>{code} > > I am using an external Jaas configuration file: > {code:java} > KafkaClient { > com.sun.security.auth.module.Krb5LoginModule required > useKeyTab=true > storeKey=true > keyTab="./user.keytab" > useTicketCache=false > serviceName="kafka" > principal=" Group/u...@domain.lan"; > };{code} > Why Camel does not support *SASL_PLAINTEXT* *and* *SASL_SSL*? > > Please help me this is *VERY IMPORTANT* for the project I am working on and > this issue is considered a blocker. I am also an experienced Java programmer > and I am willing to contribute if necessary to the open source code for such > implementation if the need may be. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CAMEL-12596) Camel-Kafka security protocol SASL_PLAINTEXT not supported
[ https://issues.apache.org/jira/browse/CAMEL-12596?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16529588#comment-16529588 ] Lizuca Mihaescu commented on CAMEL-12596: - [~ancosen] in the provided link there is no evidence whatsoever that the stated combination works: saslMechanism=GSSAPI, securityProtocol=SASL_PLAINTEXT Did you personally tried this combination? Can you start ActiveMQ using this combination? My configuration works fine (ActiveMQ starts without errors) with combination: saslMechanism=GSSAPI, securityProtocol=PLAINTEXT In the documentation provided by you [https://github.com/apache/camel/blob/master/components/camel-kafka/src/main/docs/kafka-component.adoc] it specifically states: |*securityProtocol* (security)|Protocol used to communicate with brokers. Currently only PLAINTEXT and SSL are supported.|PLAINTEXT|String| > Camel-Kafka security protocol SASL_PLAINTEXT not supported > -- > > Key: CAMEL-12596 > URL: https://issues.apache.org/jira/browse/CAMEL-12596 > Project: Camel > Issue Type: Improvement > Components: camel-kafka >Affects Versions: 2.21.1 > Environment: * ActiveMQ v5.15.4 > * Camel:2.21.1 > * Kafka Clients: 1.1.0 > * Server Version: Apache/2.4.6(CentOS) >Reporter: Lizuca Mihaescu >Priority: Major > > I need to route ActiveMQ messages to Kafka(Cloudera) through Camel using > authentication protocol Kerberos. > > Kafka Security documentation states that it only supports *SASL_PLAINTEXT* > and *SASL_SSL* for Kerberos: > [https://www.cloudera.com/documentation/kafka/2-0-x/topics/kafka_security.html] > > | ** |*SSL*|*Kerberos*| > |PLAINTEXT|No|No| > |SSL|Yes|No| > |SASL_PLAINTEXT|No|Yes| > |SASL_SSL|Yes|Yes| > > > > On the other hand when I try to use *SASL_PLAINTEXT* for security protocol in > Camel I am getting an error during the ActiveMQ starting. As a result > ActiveMQ will not start. > > I took the latest Camel code from: [https://github.com/apache/camel.git] and > it states that it only supports *SSL* and *PLAINTEXT* as security protocols > values. > > | *securityProtocol* (security) | Protocol used to communicate with brokers. > Currently only PLAINTEXT and SSL are supported. | PLAINTEXT | String > > > I did find this solved issue: [https://access.redhat.com/solutions/3364871] > but I did not find any evidence that this is working in the latest Camel > version. > > My Camel setup fragment is: > {code:java} > uri="kafka://10.100.70.00:9092?topic=MyEvents.s1.v1&brokers=10.100.70.00:9092&requestTimeoutMs=305000&retries=3&keySerializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&saslMechanism=GSSAPI&serializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&securityProtocol=SASL_PLAINTEXT&saslKerberosServiceName=kafka"/>{code} > > I am using an external Jaas configuration file: > {code:java} > KafkaClient { > com.sun.security.auth.module.Krb5LoginModule required > useKeyTab=true > storeKey=true > keyTab="./user.keytab" > useTicketCache=false > serviceName="kafka" > principal=" Group/u...@domain.lan"; > };{code} > Why Camel does not support *SASL_PLAINTEXT* *and* *SASL_SSL*? > > Please help me this is *VERY IMPORTANT* for the project I am working on and > this issue is considered a blocker. I am also an experienced Java programmer > and I am willing to contribute if necessary to the open source code for such > implementation if the need may be. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CAMEL-12596) Camel-Kafka security protocol SASL_PLAINTEXT not supported
[ https://issues.apache.org/jira/browse/CAMEL-12596?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16529528#comment-16529528 ] Andrea Cosentino commented on CAMEL-12596: -- [https://github.com/apache/camel/issues/1897] This PR shows that SASL_PLAINTEXT and SASL_SSL are supported. It seems a problem with your conf. > Camel-Kafka security protocol SASL_PLAINTEXT not supported > -- > > Key: CAMEL-12596 > URL: https://issues.apache.org/jira/browse/CAMEL-12596 > Project: Camel > Issue Type: Improvement > Components: camel-kafka >Affects Versions: 2.21.1 > Environment: * ActiveMQ v5.15.4 > * Camel:2.21.1 > * Kafka Clients: 1.1.0 > * Server Version: Apache/2.4.6(CentOS) >Reporter: Lizuca Mihaescu >Priority: Major > > I need to route ActiveMQ messages to Kafka(Cloudera) through Camel using > authentication protocol Kerberos. > > Kafka Security documentation states that it only supports *SASL_PLAINTEXT* > and *SASL_SSL* for Kerberos: > [https://www.cloudera.com/documentation/kafka/2-0-x/topics/kafka_security.html] > > | ** |*SSL*|*Kerberos*| > |PLAINTEXT|No|No| > |SSL|Yes|No| > |SASL_PLAINTEXT|No|Yes| > |SASL_SSL|Yes|Yes| > > > > On the other hand when I try to use *SASL_PLAINTEXT* for security protocol in > Camel I am getting an error during the ActiveMQ starting. As a result > ActiveMQ will not start. > > I took the latest Camel code from: [https://github.com/apache/camel.git] and > it states that it only supports *SSL* and *PLAINTEXT* as security protocols > values. > > | *securityProtocol* (security) | Protocol used to communicate with brokers. > Currently only PLAINTEXT and SSL are supported. | PLAINTEXT | String > > > I did find this solved issue: [https://access.redhat.com/solutions/3364871] > but I did not find any evidence that this is working in the latest Camel > version. > > My Camel setup fragment is: > {code:java} > uri="kafka://10.100.70.00:9092?topic=MyEvents.s1.v1&brokers=10.100.70.00:9092&requestTimeoutMs=305000&retries=3&keySerializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&saslMechanism=GSSAPI&serializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&securityProtocol=SASL_PLAINTEXT&saslKerberosServiceName=kafka"/>{code} > > I am using an external Jaas configuration file: > {code:java} > KafkaClient { > com.sun.security.auth.module.Krb5LoginModule required > useKeyTab=true > storeKey=true > keyTab="./user.keytab" > useTicketCache=false > serviceName="kafka" > principal=" Group/u...@domain.lan"; > };{code} > Why Camel does not support *SASL_PLAINTEXT* *and* *SASL_SSL*? > > Please help me this is *VERY IMPORTANT* for the project I am working on and > this issue is considered a blocker. I am also an experienced Java programmer > and I am willing to contribute if necessary to the open source code for such > implementation if the need may be. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CAMEL-12596) Camel-Kafka security protocol SASL_PLAINTEXT not supported
[ https://issues.apache.org/jira/browse/CAMEL-12596?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16522298#comment-16522298 ] Lizuca Mihaescu commented on CAMEL-12596: - [~ancosen] as you can see above I am using {code:java} saslMechanism=GSSAPI{code} but I need to use in addition to this mechanism the security protocol *SASL_PLAINTEXT* which is not currently supported by Camel in order to produce messages to Cloudera Kafka. > Camel-Kafka security protocol SASL_PLAINTEXT not supported > -- > > Key: CAMEL-12596 > URL: https://issues.apache.org/jira/browse/CAMEL-12596 > Project: Camel > Issue Type: Improvement > Components: camel-kafka >Affects Versions: 2.21.1 > Environment: * ActiveMQ v5.15.4 > * Camel:2.21.1 > * Kafka Clients: 1.1.0 > * Server Version: Apache/2.4.6(CentOS) >Reporter: Lizuca Mihaescu >Priority: Blocker > > I need to route ActiveMQ messages to Kafka(Cloudera) through Camel using > authentication protocol Kerberos. > > Kafka Security documentation states that it only supports *SASL_PLAINTEXT* > and *SASL_SSL* for Kerberos: > [https://www.cloudera.com/documentation/kafka/2-0-x/topics/kafka_security.html] > > | ** |*SSL*|*Kerberos*| > |PLAINTEXT|No|No| > |SSL|Yes|No| > |SASL_PLAINTEXT|No|Yes| > |SASL_SSL|Yes|Yes| > > > > On the other hand when I try to use *SASL_PLAINTEXT* for security protocol in > Camel I am getting an error during the ActiveMQ starting. As a result > ActiveMQ will not start. > > I took the latest Camel code from: [https://github.com/apache/camel.git] and > it states that it only supports *SSL* and *PLAINTEXT* as security protocols > values. > > | *securityProtocol* (security) | Protocol used to communicate with brokers. > Currently only PLAINTEXT and SSL are supported. | PLAINTEXT | String > > > I did find this solved issue: [https://access.redhat.com/solutions/3364871] > but I did not find any evidence that this is working in the latest Camel > version. > > My Camel setup fragment is: > {code:java} > uri="kafka://10.100.70.00:9092?topic=MyEvents.s1.v1&brokers=10.100.70.00:9092&requestTimeoutMs=305000&retries=3&keySerializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&saslMechanism=GSSAPI&serializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&securityProtocol=SASL_PLAINTEXT&saslKerberosServiceName=kafka"/>{code} > > I am using an external Jaas configuration file: > {code:java} > KafkaClient { > com.sun.security.auth.module.Krb5LoginModule required > useKeyTab=true > storeKey=true > keyTab="./user.keytab" > useTicketCache=false > serviceName="kafka" > principal=" Group/u...@domain.lan"; > };{code} > Why Camel does not support *SASL_PLAINTEXT* *and* *SASL_SSL*? > > Please help me this is *VERY IMPORTANT* for the project I am working on and > this issue is considered a blocker. I am also an experienced Java programmer > and I am willing to contribute if necessary to the open source code for such > implementation if the need may be. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CAMEL-12596) Camel-Kafka security protocol SASL_PLAINTEXT not supported
[ https://issues.apache.org/jira/browse/CAMEL-12596?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16522284#comment-16522284 ] Andrea Cosentino commented on CAMEL-12596: -- Did you check the saslMechanism option? https://github.com/apache/camel/blob/master/components/camel-kafka/src/main/docs/kafka-component.adoc > Camel-Kafka security protocol SASL_PLAINTEXT not supported > -- > > Key: CAMEL-12596 > URL: https://issues.apache.org/jira/browse/CAMEL-12596 > Project: Camel > Issue Type: Improvement > Components: camel-kafka >Affects Versions: 2.21.1 > Environment: * ActiveMQ v5.15.4 > * Camel:2.21.1 > * Kafka Clients: 1.1.0 > * Server Version: Apache/2.4.6(CentOS) >Reporter: Lizuca Mihaescu >Priority: Blocker > > I need to route ActiveMQ messages to Kafka(Cloudera) through Camel using > authentication protocol Kerberos. > > Kafka Security documentation states that it only supports *SASL_PLAINTEXT* > and *SASL_SSL* for Kerberos: > [https://www.cloudera.com/documentation/kafka/2-0-x/topics/kafka_security.html] > > | ** |*SSL*|*Kerberos*| > |PLAINTEXT|No|No| > |SSL|Yes|No| > |SASL_PLAINTEXT|No|Yes| > |SASL_SSL|Yes|Yes| > > > > On the other hand when I try to use *SASL_PLAINTEXT* for security protocol in > Camel I am getting an error during the ActiveMQ starting. As a result > ActiveMQ will not start. > > I took the latest Camel code from: [https://github.com/apache/camel.git] and > it states that it only supports *SSL* and *PLAINTEXT* as security protocols > values. > > | *securityProtocol* (security) | Protocol used to communicate with brokers. > Currently only PLAINTEXT and SSL are supported. | PLAINTEXT | String > > > I did find this solved issue: [https://access.redhat.com/solutions/3364871] > but I did not find any evidence that this is working in the latest Camel > version. > > My Camel setup fragment is: > {code:java} > uri="kafka://10.100.70.00:9092?topic=MyEvents.s1.v1&brokers=10.100.70.00:9092&requestTimeoutMs=305000&retries=3&keySerializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&saslMechanism=GSSAPI&serializerClass=org.apache.kafka.common.serialization.ByteArraySerializer&securityProtocol=SASL_PLAINTEXT&saslKerberosServiceName=kafka"/>{code} > > I am using an external Jaas configuration file: > {code:java} > KafkaClient { > com.sun.security.auth.module.Krb5LoginModule required > useKeyTab=true > storeKey=true > keyTab="./user.keytab" > useTicketCache=false > serviceName="kafka" > principal=" Group/u...@domain.lan"; > };{code} > Why Camel does not support *SASL_PLAINTEXT* *and* *SASL_SSL*? > > Please help me this is *VERY IMPORTANT* for the project I am working on and > this issue is considered a blocker. I am also an experienced Java programmer > and I am willing to contribute if necessary to the open source code for such > implementation if the need may be. -- This message was sent by Atlassian JIRA (v7.6.3#76005)