
Setup client side SASL authentication to connect with two different kafka clusters


I have a Spring Boot application which connects to my Kafka cluster. The application (as a Kafka client) uses SASL authentication, and I specified the JAAS configuration through System.setProperty() before initializing the Kafka producer and consumer. It is working fine with a single Kafka cluster setup.

kafka_client_jaas.conf

KafkaClient {
  org.apache.kafka.common.security.plain.PlainLoginModule required
  username="myClusterUser"
  password="user-secret";
};

MyKafkaProducer.java

…
private void init()
{
    System.setProperty("java.security.auth.login.config", "kafka_client_jaas.conf");
    …
}

Now I have a third-party (someone else's) Kafka cluster which is completely disconnected from my Kafka cluster. The third-party Kafka cluster also uses SASL authentication.

How can a Java application connect to two different Kafka clusters when both clusters require SASL authentication? The username and password are different for both clusters, and I can set only one JAAS config file in java.security.auth.login.config.


Solution

  • Since Kafka 0.10.2, you can use the sasl.jaas.config setting to configure SASL authentication per Kafka client. This enables running multiple Kafka clients with different (or the same) SASL configurations in a single JVM.

    To do so:

    • Unset java.security.auth.login.config

    • In each Kafka client properties add sasl.jaas.config. For example:

      sasl.jaas.config=org.apache.kafka.common.security.plain.PlainLoginModule required \
        username="myClusterUser" \
        password="user-secret";
      

      See http://kafka.apache.org/documentation.html#security_sasl_plain_clientconfig for the full details.

    • MyKafkaClient.java

      import org.apache.kafka.common.config.SaslConfigs;

      private void init() {
        // Per-client JAAS configuration; the value must end with a semicolon.
        properties.put(SaslConfigs.SASL_JAAS_CONFIG,
          "org.apache.kafka.common.security.plain.PlainLoginModule required username=\"myClusterUser\" password=\"user-secret\";");
      }
      
    • Delete your JAAS file
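
The per-client setup described in the answer above, as an added example that is not part of the original answer: two producers in one JVM, each carrying its own sasl.jaas.config. The broker host names and environment variable names are hypothetical placeholders to replace with real values; the use of SASL_SSL and the credential-quoting helper are assumptions added here.

```java
import java.util.Objects;
import java.util.Properties;
import org.apache.kafka.clients.CommonClientConfigs;
import org.apache.kafka.clients.producer.KafkaProducer;
import org.apache.kafka.clients.producer.ProducerConfig;
import org.apache.kafka.common.config.SaslConfigs;
import org.apache.kafka.common.serialization.StringSerializer;

public class TwoClusterProducers {

    // Escape backslashes and double quotes so a credential cannot break out
    // of the quoted JAAS option value; fail early if the credential is missing.
    static String quote(String s) {
        Objects.requireNonNull(s, "missing credential");
        return "\"" + s.replace("\\", "\\\\").replace("\"", "\\\"") + "\"";
    }

    // Build client properties that carry their own JAAS entry (Kafka 0.10.2+).
    static Properties saslPlainProps(String bootstrap, String user, String password) {
        Properties p = new Properties();
        p.put(ProducerConfig.BOOTSTRAP_SERVERS_CONFIG, bootstrap);
        p.put(ProducerConfig.KEY_SERIALIZER_CLASS_CONFIG, StringSerializer.class.getName());
        p.put(ProducerConfig.VALUE_SERIALIZER_CLASS_CONFIG, StringSerializer.class.getName());
        // PLAIN sends the password unprotected, so run it over TLS (SASL_SSL).
        p.put(CommonClientConfigs.SECURITY_PROTOCOL_CONFIG, "SASL_SSL");
        p.put(SaslConfigs.SASL_MECHANISM, "PLAIN");
        p.put(SaslConfigs.SASL_JAAS_CONFIG,
            "org.apache.kafka.common.security.plain.PlainLoginModule required"
            + " username=" + quote(user)
            + " password=" + quote(password) + ";"); // trailing ';' is required
        return p;
    }

    public static void main(String[] args) {
        // Hypothetical hosts and environment variable names (assumptions).
        Properties mine = saslPlainProps("my-kafka.example.internal:9093",
            "myClusterUser", System.getenv("MY_KAFKA_PASSWORD"));
        Properties theirs = saslPlainProps("third-party-kafka.example.com:9093",
            System.getenv("PARTNER_KAFKA_USER"), System.getenv("PARTNER_KAFKA_PASSWORD"));

        try (KafkaProducer<String, String> a = new KafkaProducer<>(mine);
             KafkaProducer<String, String> b = new KafkaProducer<>(theirs)) {
            // Each producer authenticates with its own credentials; the
            // java.security.auth.login.config system property is never set.
        }
    }
}
```

Reading the passwords from the environment keeps them out of source control and out of a shared JAAS file on disk.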