No. we are not planning to expose Kafka broker to public. It will be inside the fireball but we still want to authenticate the connection. I noticed that there is connection timeout to zookeeper, probably similar connection timeout from producer to broker. Does producer keeps the connection alive?
Thanks Subhash A. -----Original Message----- From: Jonathan Creasy [mailto:j...@box.com] Sent: Friday, December 07, 2012 1:57 PM To: users@kafka.apache.org Subject: Re: Quick question regarding kafka broker security Are you planning to directly publicly expose a Kafka Broker? -Jonathan On Fri, Dec 7, 2012 at 1:53 PM, Subhash Agrawal <sagra...@actuate.com>wrote: > Hi All, > > I am new to Kafka broker and realized that Kafka broker does not enforce > client authentication at connection or message level. > To avoid DOS attack, we are planning to implement security certificate at > client connection level, not at message level, so that > we can authenticate client connection before accepting messages. > > Can you guys share your thoughts about this idea if it will be feasible > without impacting system throughput? > > Thanks > Subhash A. > -- ** *Jonathan Creasy* | Sr. Ops Engineer e: j...@box.com | t: 314.580.8909
