Hi Stephane, Kafka 0.10.2.0 has removed this restriction. RC0 has been announced, maybe you can try it and see if it works for you?
Ismael On Mon, Feb 6, 2017 at 10:34 PM, Stephane Maarek < steph...@simplemachines.com.au> wrote: > Hi, > > As written here: > http://docs.confluent.io/3.1.2/connect/security.html#acl-considerations > "Note that if you are using SASL for authentication, you must use the same > principal for workers and connectors as only a single JAAS is currently > supported on the client side at this time as described here > <http://docs.confluent.io/3.1.2/kafka/sasl.html#kafka-sasl>." > > I think other components share the same concern (Kafka Rest proxy notably). > > It’s a bit of security risk to have the connect cluster write to several > topics while each connector’s config concern is usually to only write to a > few. Passing a specific jaas or login as part of the config would I think > resolve that problem. > > Are there any KIPs or roadmaps in place to properly isolate security > concerns? > > Thanks in advance > > Best regards, > Stephane >
