Hi,
I've been trying to get SASL using SCRAM-SHA-512 up and running in Kafka
3.5 but I've been running into some issues which I'm not sure how to debug.
I'm able to authenticate when I use PLAIN and the following kafka_jaas.conf:
KafkaServer {
org.apache.kafka.common.security.plain.PlainLoginModule required
username="mybrokeruser"
password="mybrokerpassword";
};
I then try to change sasl.mechanism.controller.protocol from PLAIN to
SCRAM-SHA-512, run kafka-storage.sh format with --add-scram and change my
kafka_jaas.conf:
KafkaServer {
org.apache.kafka.common.security.scram.ScramLoginModule required
username="mybrokeruser"
password="mybrokerpassword";
};
At that point I keep getting authentication errors and I'm not sure how to
debug it or find out which credentials are used. I tried setting all
loggers to TRACE but I wasn't able to figure it out.
It's working on my other listeners (INTERNAL, CLIENT, EXTERNAL) but I can't
seem to get it working for the CONTROLLER listener for the KRaft
communication.
Any pointers for how to debug this would be much appreciated!
Kind Regards,
Robin
