Reputation: 251
Hi i have a problem with connection to kafka on my server...
I have kafka on Linux server (with Kerberos), java client that is connection to it by adding in configuration keytab, principal (jaas config) and now i need to add similar config to c# app that will be produce some messages to kafka. C# app will work on Windows machine.
C# app is using Confluent.Kafka, connection to kafka that don`t have kerberos auth is very simple, im doing it like in https://github.com/confluentinc/confluent-kafka-dotnet
but now i need to configure it to connect to secured env...
So how to configure connection that will be use existing keytab file and principal?
I saw a lot of examples in java, but none working example of similar problem in C#
I would be grateful for any hint to go further with my problem
//update
it start working when I used config like:
config = new Dictionary<string, object>
{
{"bootstrap.servers", KAFKA_BROKER_SERVERS},
{"api.version.request", "true"},
{"security.protocol", "SASL_PLAINTEXT"},
{"sasl.kerberos.service.name", "kafka"},
{"sasl.kerberos.principal", "myPrincaipal@REALM"},
{"debug", "security,broker,protocol"}
};
Upvotes: 1
Views: 5621
Reputation: 3113
confluent-kafka-dotnet (or more precisely librdkafka, the underlying Kafka client implementation) will use Windows native SSPI for Kerberos authentication on Windows. This means you will not be able to use keytabs, etc, but instead rely on the logged on user's credentials on the Windows AD.
There's a community contributed guide here: https://github.com/edenhill/librdkafka/wiki/Using-SASL-with-librdkafka-on-Windows
Upvotes: 2