Git Product home page Git Product logo

kafka-security-playbook's Issues

java.lang.ClassNotFoundException: io.confluent.kafka.security.ldap.authorizer.LdapAuthorizer

I am having this problem when using LDAP. I use server.properties in this repositoy

[2020-05-22 04:39:49,183] ERROR Fatal error during SupportedServerStartable startup. Prepare to shutdown (io.confluent.support.metrics.SupportedKafka)
java.lang.ClassNotFoundException: io.confluent.kafka.security.ldap.authorizer.LdapAuthorizer
	at java.net.URLClassLoader.findClass(URLClassLoader.java:382)
	at java.lang.ClassLoader.loadClass(ClassLoader.java:424)
	at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:349)
	at java.lang.ClassLoader.loadClass(ClassLoader.java:357)
	at java.lang.Class.forName0(Native Method)
	at java.lang.Class.forName(Class.java:348)
	at org.apache.kafka.common.utils.Utils.loadClass(Utils.java:335)
	at org.apache.kafka.common.utils.Utils.newInstance(Utils.java:324)
	at kafka.security.authorizer.AuthorizerUtils$.createAuthorizer(AuthorizerUtils.scala:35)
	at kafka.server.KafkaConfig.<init>(KafkaConfig.scala:1382)
	at kafka.server.KafkaConfig.<init>(KafkaConfig.scala:1238)
	at kafka.server.KafkaConfig$.fromProps(KafkaConfig.scala:1218)
	at kafka.server.KafkaConfig$.fromProps(KafkaConfig.scala:1215)
	at kafka.server.KafkaConfig.fromProps(KafkaConfig.scala)
	at io.confluent.support.metrics.SupportedServerStartable.<init>(SupportedServerStartable.java:52)
	at io.confluent.support.metrics.SupportedKafka.main(SupportedKafka.java:45)

Example for SASL_SSL with Kerberos

First of all, thank you for this repo, it's awesome, I love it!

This repo has a running example for kerberized Kafka using SASL_PLAINTEXT, it would be great to have an example with SASL_SSL as well.

Does that make sense? If so, I can also contribute it.

Getting invalid volume specification error running kerberos

Env:
windows 10 running minikube 1.7.2 with virtualbox driver, using Gitbash

Problem:

cd /kerberos, and run ./up getting the errors below (unqiue to windows it appears as it works on my mac, using the latest repo)

Successfully built 2e29b2238f98
Successfully tagged kerberos_client:latest
Recreating 3376ac7adf80_kdc ... error

ERROR: for 3376ac7adf80_kdc Cannot create container for service kdc: invalid volume specification: 'C:\dev\code\GitHub\old.kafka-security-playbook\kerberos\kdc\krb5.conf:/etc/kdc/krb5.conf:rw'

ERROR: for kdc Cannot create container for service kdc: invalid volume specification: 'C:\dev\code\GitHub\old.kafka-security-playbook\kerberos\kdc\krb5.conf:/etc/kdc/krb5.conf:rw'

ZK login exception in kerberos example

ZK log

zookeeper | [2021-02-05 02:26:36,440] INFO Started ServerConnector@636be97c{HTTP/1.1,[http/1.1]}{0.0.0.0:8080} (org.eclipse.jetty.server.AbstractConnector)
zookeeper | [2021-02-05 02:26:36,440] INFO Started @768ms (org.eclipse.jetty.server.Server)
zookeeper | [2021-02-05 02:26:36,441] INFO Started AdminServer on address 0.0.0.0, port 8080 and command URL /commands (org.apache.zookeeper.server.admin.JettyAdminServer)
zookeeper | [2021-02-05 02:26:36,445] INFO Using org.apache.zookeeper.server.NIOServerCnxnFactory as server connection factory (org.apache.zookeeper.server.ServerCnxnFactory)
zookeeper | [2021-02-05 02:26:36,452] INFO Setting -D jdk.tls.rejectClientInitiatedRenegotiation=true to disable client-initiated TLS renegotiation (org.apache.zookeeper.common.X509Util)
zookeeper | [2021-02-05 02:26:36,470] WARN No password found for user: null (org.apache.zookeeper.server.auth.SaslServerCallbackHandler)
zookeeper | [2021-02-05 02:26:36,472] ERROR Unexpected exception, exiting abnormally (org.apache.zookeeper.server.ZooKeeperServerMain)
zookeeper | java.io.IOException: Could not configure server because SASL configuration did not allow the ZooKeeper server to authenticate itself properly: javax.security.auth.login.LoginException: No password provided
zookeeper | at org.apache.zookeeper.server.ServerCnxnFactory.configureSaslLogin(ServerCnxnFactory.java:243)
zookeeper | at org.apache.zookeeper.server.NIOServerCnxnFactory.configure(NIOServerCnxnFactory.java:646)
zookeeper | at org.apache.zookeeper.server.ZooKeeperServerMain.runFromConfig(ZooKeeperServerMain.java:143)
zookeeper | at org.apache.zookeeper.server.ZooKeeperServerMain.initializeAndRun(ZooKeeperServerMain.java:106)
zookeeper | at org.apache.zookeeper.server.ZooKeeperServerMain.main(ZooKeeperServerMain.java:64)
zookeeper | at org.apache.zookeeper.server.quorum.QuorumPeerMain.initializeAndRun(QuorumPeerMain.java:128)
zookeeper | at org.apache.zookeeper.server.quorum.QuorumPeerMain.main(QuorumPeerMain.java:82)

Kafkacat fails in TLS example

Using the TLS demo works as expected.
I can bring up the cluster and use the produce and consume example as recommended at the end in the script named up.

[OK] -> docker-compose exec kafka kafka-console-producer --broker-list kafka.confluent.local:9093 --topic test --producer.config /etc/kafka/consumer.properties
[OK] -> docker-compose exec kafka kafka-console-consumer --bootstrap-server kafka.confluent.local:9093 --topic test --consumer.config /etc/kafka/consumer.properties --from-beginning

[FAILE] -> docker-compose exec kafka kafkacat -L -b kafka.confluent.local:9093 -F /etc/kafka/kafkacat.conf -C -t test

This is the error message:
kafkacat: error while loading shared libraries: libssl.so.10: cannot open shared object file: No such file or directory

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.