authentication apache-kafka akhq

Kafka ui akhq basic user authentication doesn't work


I use AKHQ for monitoring a Kafka cluster; however, the yml configuration file that I use for AKHQ doesn't work with the basic-authentication tag. I've shared the exception below, which I get when I log in to the UI, and also my configuration file for AKHQ. The AKHQ version is 0.23.0 and the Kafka version is 2.6.0.

2023-07-28 14:48:00,669 ERROR r-thread-2 o.a.c.ErrorController      Unprocessed Continuation Reference(s)
javax.naming.PartialResultException: Unprocessed Continuation Reference(s)
    at java.naming/com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2918)
    at java.naming/com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2892)
    at java.naming/com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1846)
    at java.naming/com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1769)
    at java.naming/com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1786)
    at java.naming/com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:418)
    at java.naming/com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:396)
    at java.naming/com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:378)
    at java.naming/javax.naming.directory.InitialDirContext.search(InitialDirContext.java:286)
    at io.micronaut.security.ldap.context.DefaultLdapSearchService.search(DefaultLdapSearchService.java:55)
    at io.micronaut.security.ldap.context.DefaultLdapSearchService.searchFirst(DefaultLdapSearchService.java:40)
    at io.micronaut.security.ldap.LdapAuthenticationProvider.lambda$authenticate$2(LdapAuthenticationProvider.java:111)
    at reactor.core.publisher.FluxCreate.subscribe(FluxCreate.java:95)
    at reactor.core.publisher.InternalFluxOperator.subscribe(InternalFluxOperator.java:62)
    at reactor.core.publisher.FluxSubscribeOn$SubscribeOnSubscriber.run(FluxSubscribeOn.java:194)
    at io.micronaut.reactive.reactor.instrument.ReactorInstrumentation.lambda$init$0(ReactorInstrumentation.java:62)
    at reactor.core.scheduler.WorkerTask.call(WorkerTask.java:84)
    at reactor.core.scheduler.WorkerTask.call(WorkerTask.java:37)
    at io.micrometer.core.instrument.composite.CompositeTimer.recordCallable(CompositeTimer.java:77)
    at io.micrometer.core.instrument.Timer.lambda$wrap$1(Timer.java:162)
    at io.micronaut.scheduling.instrument.InvocationInstrumenterWrappedCallable.call(InvocationInstrumenterWrappedCallable.java:53)
    at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
    at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
    at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
    at java.base/java.lang.Thread.run(Thread.java:834)
2023-07-28 14:48:00,675 WARN  r-thread-4 org.akhq.log.access        [Date: 2023-07-28T14:48:] [Duration: 506 ms] [Url: POST /login] [Status: 500] [Ip:] [User: Anonymous]

Also, here is my application-dev.yml file.

micronaut:
  server:
    port: 8443
    cors:
      enabled: true
      configurations:
        all:
          allowedOrigins:
            - http://localhost:9080
  security:
    enabled: true
    ldap:
      default:
        enabled: true
        context:
          server: 'ldap://**.local:389'
          managerDn: 'cn=**,ou=Service_User,dc=**,dc=local'
          managerPassword: '**'
        search:
          base: "dc=**,dc=local"
        groups:
          enabled: true
          base: "dc=**,dc=local"
akhq:
  connections:
    local:
      properties:
        bootstrap.servers: "localhost:9092"
      schema-registry:
        url: "http://schema-registry:8085"
      connect:
        - name: "connect"
          url: "http://localhost:8083"
  security:
    groups:
      admin: # unique key
        name: admin # Group name
        roles:  # roles for the group
          - topic/read
          - topic/insert
          - topic/delete
          - topic/config/update
          - node/read
          - node/config/update
          - topic/data/read
          - topic/data/insert
          - topic/data/delete
          - group/read
          - group/delete
          - group/offsets/update
          - registry/read
          - registry/insert
          - registry/update
          - registry/delete
          - registry/version/delete
          - acls/read
          - connect/read
          - connect/insert
          - connect/update
          - connect/delete
          - connect/state/update
        attributes:
          # Regexp list to filter topic available for group
          topics-filter-regexp:
            - "test.*"
          # Regexp list to filter connect configs visible for group
          connects-filter-regexp:
            - "^test.*$"
          # Regexp list to filter consumer groups visible for group
          consumer-groups-filter-regexp:
            - "consumer.*"
      topic-reader: # unique key
        name: topic-reader # Other group
        roles:
          - topic/read
        attributes:
          topics-filter-regexp:
            - "test\\.reader.*"
    basic-auth:
      - username: admin
        password: 2548d15a37248ed962ced56f49d4cfe3cf072aee0a2a0483b67abbb2f9c01188
        groups:
          - admin

    ldap:
      default-group: topic-reader
      groups:
        - name: group-ldap-1
          groups: # Akhq groups list
            - topic-reader-dev
        - name: group-ldap-2
          groups:
            - admin

Solution

  • After rebuilding the configuration file as below, it worked.

    micronaut:
      security:
        enabled: true
      server:
        port: 8443
        cors:
          enabled: true
          configurations:
            all:
              allowedOrigins:
                - http://localhost:3000
    
    akhq:
      connections:
        kafka-switch:
          properties:
            bootstrap.servers: "server_ips"
          schema-registry:
            url: "http://server_ip:port"
          connect:
            - name: "connect"
              url: "http://server_ip:port"
      security:
        default-group: 
          - no-roles # Default groups for all the user even unlogged user
        # Groups definition
        groups:
          admin: # unique key
            name: admin # Group name
            roles:  # roles for the group
              - topic/read
              - topic/insert
              - topic/delete
              - topic/config/update
              - node/read
              - node/config/update
              - topic/data/read
              - topic/data/insert
              - topic/data/delete
              - group/read
              - group/delete
              - group/offsets/update
              - registry/read
              - registry/insert
              - registry/update
              - registry/delete
              - registry/version/delete
              - acls/read
              - connect/read
              - connect/insert
              - connect/update
              - connect/delete
              - connect/state/update
        # Basic auth configuration
        basic-auth:
          - username: username
            password: pass # Password in sha256
            groups: # Groups for the user
              - admin
              - topic-reader
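
An added example, not part of the original answer or of AKHQ itself: a small Python check run over trimmed copies of the two configurations above. It reports the enabled `micronaut.security.ldap` provider that the stack trace shows handling `POST /login`, `basic-auth` passwords that are not SHA-256 hex digests, and user groups with no definition in the same file. It assumes the YAML is already parsed into dicts; `lint`, `sha256_hex` and the sample password are constructed for illustration.

```python
import hashlib
import re

SHA256_HEX = re.compile(r"[0-9a-f]{64}")

def sha256_hex(password):
    """Hex SHA-256 digest, the form the basic-auth `password` field holds."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()

def lint(cfg):
    """Return findings for an AKHQ config already parsed from YAML into dicts."""
    findings = []
    # The stack trace shows POST /login reaching LdapAuthenticationProvider,
    # so report every enabled micronaut.security.ldap provider.
    ldap = cfg.get("micronaut", {}).get("security", {}).get("ldap", {})
    for name, provider in ldap.items():
        if provider.get("enabled"):
            findings.append(f"ldap provider '{name}' is enabled")
    sec = cfg.get("akhq", {}).get("security", {})
    groups = sec.get("groups", {})
    # Accept either the map key or the `name` field as a group identifier.
    defined = set(groups) | {g.get("name") for g in groups.values()}
    for user in sec.get("basic-auth", []):
        who = user.get("username")
        if not SHA256_HEX.fullmatch(str(user.get("password", ""))):
            findings.append(f"user '{who}': password is not a SHA-256 hex digest")
        for group in user.get("groups", []):
            if group not in defined:
                findings.append(f"user '{who}': group '{group}' not defined in this file")
    return findings

# Constructed samples: trimmed copies of the two configurations on this page.
QUESTION_CFG = {
    "micronaut": {"security": {"enabled": True,
                               "ldap": {"default": {"enabled": True}}}},
    "akhq": {"security": {
        "groups": {"admin": {"name": "admin"},
                   "topic-reader": {"name": "topic-reader"}},
        "basic-auth": [{"username": "admin",
                        "password": sha256_hex("constructed-example"),
                        "groups": ["admin"]}]}},
}
ANSWER_CFG = {
    "micronaut": {"security": {"enabled": True}},
    "akhq": {"security": {
        "groups": {"admin": {"name": "admin"}},
        "basic-auth": [{"username": "username", "password": "pass",
                        "groups": ["admin", "topic-reader"]}]}},
}
```

Calling `lint(QUESTION_CFG)` and `lint(ANSWER_CFG)` returns the findings for each configuration; a group defined in another configuration file will still be reported as undefined here.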