Folks, I am having trouble enabling SASL_PLAINTEXT protocol for Kafka REST component to work with secure cluster (that also uses same protocol). I am sure I am missing something trivial. If someone can help, I'd really appreciate it.
Here're my configs: Startup script: cat /bin/kafka-rest-start ... exec $(dirname $0)/kafka-rest-run-class -Djava.security.auth.login.config=/etc/kafka-rest/kafka_rest_zk_jaas.properties io.confluent.kafkarest.KafkaRestMain "$@" [root@or1010050208015 kafka-rest]# cat /etc/kafka-rest/kafka_rest_zk_jaas.properties /* Zookeeper authentication, since REST proxy is a client */ Client { org.apache.zookeeper.server.auth.DigestLoginModule required username="zk_admin" password="zk_admin_secret"; }; REST properties: [root@or1010050208015 kafka-rest]# cat kafka-rest.properties schema.registry.url=http://localhost:8081 zookeeper.connect=localhost:2181 bootstrap.servers=SASL_PLAINTEXT://or1010050208015:9092,SASL_PLAINTEXT://or1010050208016:9092,SASL_PLAINTEXT://or1010050208017:9092 # Kafka security kafka.rest.resource.extension.class=io.confluent.kafkarest.security.KafkaRestSecurityResourceExtension # The authentication mechanism for the incoming requests is determined by following - Only SSL allowed #confluent.rest.auth.propagate.method=SSL #ssl.client.auth=TRUE # Principal (that is passed from Client) propagation happens via SASL client.security.protocol=SASL_PLAINTEXT client.sasl.jaas.config=/etc/kafka-rest/kafka_rest_jaas.properties client.sasl.mechanism=PLAIN Kafka REST JAAS file: [root@or1010050208015 kafka-rest]# cat /etc/kafka-rest/kafka_rest_jaas.properties /* Broker authentication, list all the logins that end users will use? */ KafkaClient { org.apache.kafka.common.security.plain.PlainLoginModule required username="kafka_admin" password="broker_secret"; }; I enabled DEBUG in logs and here's what I see (it's unable to talk to broker): [2017-10-18 19:47:37,851] TRACE Sending METADATA {topics=[testacls],allow_auto_topic_creation=true} with correlation id 4 to node -1 (org.apache.kafka.clients.NetworkClient:389) [2017-10-18 19:47:37,852] DEBUG Connection with or1010050208015.corp.adobe.com/10.50.208.15 disconnected (org.apache.kafka.common.network.Selector:401) java.io.EOFException at org.apache.kafka.common.network.NetworkReceive.readFromReadableChannel(NetworkReceive.java:87) at org.apache.kafka.common.network.NetworkReceive.readFrom(NetworkReceive.java:75) at org.apache.kafka.common.network.KafkaChannel.receive(KafkaChannel.java:203) at org.apache.kafka.common.network.KafkaChannel.read(KafkaChannel.java:167) at org.apache.kafka.common.network.Selector.pollSelectionKeys(Selector.java:381) at org.apache.kafka.common.network.Selector.poll(Selector.java:326) at org.apache.kafka.clients.NetworkClient.poll(NetworkClient.java:433) at org.apache.kafka.clients.producer.internals.Sender.run(Sender.java:224) at org.apache.kafka.clients.producer.internals.Sender.run(Sender.java:162) at java.lang.Thread.run(Thread.java:748) [2017-10-18 19:47:37,852] DEBUG Node -1 disconnected. (org.apache.kafka.clients.NetworkClient:704)