[
https://issues.apache.org/jira/browse/FLINK-3239?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15262538#comment-15262538
]
Vijay Srinivasaraghavan commented on FLINK-3239:
------------------------------------------------
Thanks [~stefanobaghino]
I believe the kafka consumer principal and keytab infomation will be supplied
in the JassConfig file for the Kafka client code to peform kerberos
authentication and we need to pass only the JAAS config file property to the
kafka clients (producer/consumer).
I am trying to understand the need for passing the keytab configuration file
location (public static final String KRB5_CONF_PATH = "krb5.conf.path") ? Could
you please explain.
KafkaClient {
com.sun.security.auth.module.Krb5LoginModule required
useKeyTab=true
storeKey=true
keyTab="/etc/security/keytabs/kafkaClient.keytab"
principal="kafka-cli...@foo.com";
};
> Support for Kerberos enabled Kafka 0.9.0.0
> ------------------------------------------
>
> Key: FLINK-3239
> URL: https://issues.apache.org/jira/browse/FLINK-3239
> Project: Flink
> Issue Type: New Feature
> Reporter: Niels Basjes
> Assignee: Stefano Baghino
> Attachments: flink3239-prototype.patch
>
>
> In Kafka 0.9.0.0 support for Kerberos has been created ( KAFKA-1686 ).
> Request: Allow Flink to forward/manage the Kerberos tickets for Kafka
> correctly so that we can use Kafka in a secured environment.
> I expect the needed changes to be similar to FLINK-2977 which implements the
> same support for HBase.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
