kafka4beam / sasl_auth Goto Github PK
View Code? Open in Web Editor NEWSimple helper for SASL GSSAPI auth mechanism support in erlang applications
License: Apache License 2.0
Simple helper for SASL GSSAPI auth mechanism support in erlang applications
License: Apache License 2.0
Some users may not wish to use a nif. We can write a near perfect NIF, but we're still at the mercy of libraries we're using. Thus, a port implementation of sasl_auth is surely in order, especially since ROFL performance isn't the goal here.
The Makefile is a bit clumsy in regards to mac os. Specifically, we're assuming everyone has cyrus-sasl and krb5 installed via brew. We should probably check if brew is installed, then check if cyrus-sasl is installed via brew. If brew is not installed or cyrus-sasl is not installed via brew, don't append include and lib paths to flags.
We have a few odds and ends we want to do to do including #9, and a few issues I'm about to open. That said, I'm not sure I see a reason to wait publishing this to hex. We could publish it as an RC or pre.
To note, I thought sasl_auth was already on hex, it is not, nor is brod_gsspai.
There are instructions in the README (introduced in PR #8) for how to run the test cases introduced in PR #8. These instructions are not complete. See, for example, this comment #8 (comment) and other comments for the same PR. We should either update these instructions so they are complete or replace the instructions with a reference to a script that sets everything up automatically.
This would make it easier to make sure we do not add commits that break any test case.
Hi @ElMaxo
I might have done something wrong.
it'd be great if you can help me to troubleshoot this.
I'm following the steps here to setup kerberos:
http://docs.confluent.io/current/cp-docker-images/docs/tutorials/clustered-deployment-sasl.html
Succeeded in producing the 42 messages at the end of the doc.
But when I try to do enable gssapi auth in brod, I get this:
=SUPERVISOR REPORT==== 30-May-2017::17:36:58 ===
Supervisor: {local,brod_sup}
Context: child_terminated
Reason: {{{{badmatch,{error,"krb5_get_init_creds_keytab: (-1765328230) Cannot find KDC for realm \"TEST.CONFLUENT.IO\""}},
[{brod_gssapi,auth,6,
[{file,"src/brod_gssapi.erl"},{line,51}]},
{brod_sock,sasl_auth,6,
[{file,"src/brod_sock.erl"},{line,265}]},
{brod_sock,maybe_sasl_auth,6,
[{file,"src/brod_sock.erl"},{line,230}]},
{brod_sock,init,5,
[{file,"src/brod_sock.erl"},{line,194}]},
{proc_lib,init_p_do_apply,3,
[{file,"proc_lib.erl"},{line,247}]}]},
[{"quickstart.confluent.io",29094}]},
[{brod_client,start_metadata_socket,5,
[{file,"src/brod_client.erl"},{line,677}]},
{brod_client,handle_info,2,
[{file,"src/brod_client.erl"},{line,290}]},
{gen_server,try_dispatch,4,
[{file,"gen_server.erl"},{line,601}]},
{gen_server,handle_msg,5,
[{file,"gen_server.erl"},{line,667}]},
{proc_lib,init_p_do_apply,3,
[{file,"proc_lib.erl"},{line,247}]}]}
Here is the command I run to start a client.
CaCert = "/tmp/cp-docker-images/examples/kafka-cluster-sasl/secrets/producer-ca1-signed.crt".
KeyTab = <<"/tmp/cp-docker-images/examples/kafka-cluster-sasl/secrets/saslproducer.keytab">>.
Prin = <<"saslproducer/[email protected]">>.
brod:start_client([{"quickstart.confluent.io", 29094}], client1,
[{ssl, [{cacertfile, CaCert}]}, {sasl, {callback, brod_gssapi, {gssapi, KeyTab, Prin}}}]).
It would be useful with an easy way to run the tests with an address sanitizer compiled NIF library as this would make it easier to find memory leaks, write-after-frees and other memory related problems.
(I will start to work on this now)
This is related to issue #10.
Currently, one have to set up a Kerberos server, figure out which cyrus-sasl packages that need to be installed, install Kerberos, and configure the Kerberos server correctly to run the tests. This could be a very time consuming process (especially if one is new to Kerberos). Therefore, it would be great if all these could be automated so that one can run the tests in a docker container by just executing a single command.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.