I'd like to point out that you can pass multiple jaas config within a jvm using `sasl.jaas.config` in producer & consumer config.
On Mon, Feb 19, 2018 at 8:10 PM, Michal Hariš <michal.har...@gmail.com> wrote: > Hi all, > > I have one cluster with kerberos authenticator and another with simple > authenticator. I need to be able to consume certain topics from the > kerberized cluster and produce into the cluster with the simple auth. The > ACLs on both cluster work well for the purpose but I can't see the way how > to setup a simple mirror maker - or any other process that can connect at > the same time to 2 separate kafka security realms. The problem is that one > jvm process can only have one property: > > Djava.security.auth.login.config=/path/to/server/jaas/file.conf > > The Jaas file could have multiple client identifiers but from what i've > read in the docs this is expected always to be KafkaClient. > > Has anybody faced the same issue ? Is it somehow not correct to be > connecting to 2 different realms - this would mean that any global > replication would have to also have a single, global authentication realm. > > Thanks, > Michal >