Reputation: 1217
How to authenticate/authorize a consumer in Kafka for a topic before it consumes the message
In kafka, is there a way to authenticate / authorize a consumer every time a consumer tries to read a message on a topic that it has subscriber to ?
The use case here is that a consumer should be able to present a auth token to the kafka broker and then, broker should be able to validate that token before letting consumer read a message from the topic.
Is the achievable in kafka ?
Upvotes: 12
Views: 23742
Answers (1)
Reputation: 26885
Kafka provides both pluggable authentication and authorization mechanisms.
For authentication, the process of creating your own logic is described in: Can Kafka be provided with custom LoginModule to support LDAP?
For authorization, you simply need to provide a class that implements the Authorizer interface (https://github.com/apache/kafka/blob/trunk/core/src/main/scala/kafka/security/auth/Authorizer.scala) and set authorizer.class.name to your class in server.properties.
Authentication is only performed when a client connects so if you require validation to happen for every consume action, you'll have to use authorizations.
I suggest you get yourself familiar with Kafka security features and more specifically Authorizations: http://kafka.apache.org/documentation/#security_authz
Upvotes: 8
Related Questions
- Kafka message handling in consumer
- Read Kafka message and set that message is processing by client
- Consume messages without committing from Kafka 10 consumer
- Kafka Broker Authentication - Producer & Consumer
- Force consumer to read only those messages that came in topic after consumer came to life
- How to read messages from kafka consumer group without consuming?
- Using a Kafka consumer in order for a message to be consumed by exactly once semantics
- Allow consumption of same message by different consumers from a Kafka topic
- Apache Kafka: Can we restrict message to be read by only 1 consumer?
- Making Kafka consumers consume existing messages before subscription