RE: Interacting with a secured Kafka cluster via GSS-API

@kafka.apache.org Subject: RE: Interacting with a secured Kafka cluster via GSS-API > Interested to find out if the new producer and consumer fare > better Regarding that, what's the best way to use the new producer with as little overhead as possible?

Re: Interacting with a secured Kafka cluster via GSS-API

On Thu, Dec 10, 2015 at 5:24 PM, Dave Ariens wrote: > Absolutely, currently I'm hoping to get authentication working and then > ultimately work towards encryption. We're also testing performance of > more out-of-the-box Kafka components but I fear our message volume

RE: Interacting with a secured Kafka cluster via GSS-API

. From: Andrew Schofield [andrew_schofi...@uk.ibm.com] Sent: Thursday, December 10, 2015 10:52 AM To: dev@kafka.apache.org Subject: RE: Interacting with a secured Kafka cluster via GSS-API Wouldn't you use TLS to secure the connections? Encrypting just the credentials

Re: Interacting with a secured Kafka cluster via GSS-API

...@uk.ibm.com] > Sent: Thursday, December 10, 2015 10:52 AM > To: dev@kafka.apache.org > Subject: RE: Interacting with a secured Kafka cluster via GSS-API > > Wouldn't you use TLS to secure the connections? Encrypting just the > credentials but not the connection s

RE: Interacting with a secured Kafka cluster via GSS-API

> From: Andrew Schofield [andrew_schofi...@uk.ibm.com] > Sent: Thursday, December 10, 2015 10:52 AM > To: dev@kafka.apache.org > Subject: RE: Interacting with a secured Kafka cluster via GSS-API > > Wouldn't you use TLS to secure the connections? Encrypting just the > credentials but not

RE: Interacting with a secured Kafka cluster via GSS-API

[ism...@juma.me.uk] Sent: Thursday, December 10, 2015 1:10 PM To: dev@kafka.apache.org Subject: Re: Interacting with a secured Kafka cluster via GSS-API On Thu, Dec 10, 2015 at 6:06 PM, Dave Ariens <dari...@blackberry.com> wrote: > Sure, the custom producer and consumer library I'm updating

Re: Interacting with a secured Kafka cluster via GSS-API

On Thu, Dec 10, 2015 at 6:06 PM, Dave Ariens wrote: > Sure, the custom producer and consumer library I'm updating is Krackle: > https://github.com/blackberry/Krackle > ... > We found that neither the Kafka proper producers nor Kafka could keep up > with the stock packages

RE: Interacting with a secured Kafka cluster via GSS-API

...@gmail.com [isma...@gmail.com] on behalf of Ismael Juma [ism...@juma.me.uk] Sent: Thursday, December 10, 2015 12:44 PM To: dev@kafka.apache.org Subject: Re: Interacting with a secured Kafka cluster via GSS-API On Thu, Dec 10, 2015 at 5:24 PM, Dave Ariens <dari...@blackberry.com> wrote: > A

RE: Interacting with a secured Kafka cluster via GSS-API

on behalf of Ismael Juma [ism...@juma.me.uk] Sent: Thursday, December 10, 2015 10:36 AM To: dev@kafka.apache.org Subject: Re: Interacting with a secured Kafka cluster via GSS-API Hi Dave, Is there a reason why you are using GSS-API directly instead of via SASL? It should still work, but if y

Interacting with a secured Kafka cluster via GSS-API

Hi devs! I'm working on enhancing a custom 0.8.2.1 producer/consumer to support establishing connections a secured 0.9.0 cluster with strict ACLs on each topic. I'm pretty new to (read: first day working with) GSS-API/JAAS and not really sure how to approach this problem. Our existing

Re: Interacting with a secured Kafka cluster via GSS-API

Hi Dave, Is there a reason why you are using GSS-API directly instead of via SASL? It should still work, but if you do the latter, you can potentially reuse the existing code (or at least use it as inspiration), see `org.apache.kafka.common.security.authenticator.SaslClientAuthenticator`. Also,

RE: Interacting with a secured Kafka cluster via GSS-API

ent: Thursday, December 10, 2015 10:36 AM To: dev@kafka.apache.org Subject: Re: Interacting with a secured Kafka cluster via GSS-API Hi Dave, Is there a reason why you are using GSS-API directly instead of via SASL? It should still work, but if you do the latter, you can potentially reuse the exist