Reputation: 313
How to implement OAUTHBEARER SASL authentication mechanism in kafka?
Can anyone explain how the client or inter broker communication happens with OAUTHBEARER authentication mechanism in kafka?
Upvotes: 2
Views: 10869
Answers (1)
Reputation: 111
You will need to implement two classes that uses an interface called AuthenticateCallbackHandler.
The first class implements the Login flow, where you need to call your OAuth server to retrieve a token. This class will be used by your clients or for interbroker connection.
The second class implements the Validation flow, where you will call your OAuth server to check if the send token is valid. This class will be used only at Kafka Broker.
I have an example of this implementation at github.com/jairsjunior/kafka-oauth
If you want to see how to setup a Kafka broker using this SASL mechanism, there is an article with all steps. https://medium.com/@jairsjunior/how-to-setup-oauth2-mechanism-to-a-kafka-broker-e42e72839fe
Upvotes: 10
Related Questions
- Kafka SASL: OAUTHBEARER and PLAIN simultaniously
- Using OAUTH2 to secure individual kafka topics
- How use kafka-topics with SASL auth
- Kafka SASL zookeeper authentication
- Setup client side SASL authentication to connect with two different kafka clusters
- How to configure kafka consumer with sasl mechanism PLAIN and with security protocol SASL_SSL in java?
- Kafka SASL Authentication mechanism using OAuthBearer?
- Kafka SASL configuration: Is it possible to enable it for only clients
- Kafka spring integration authorization with sasl
- Kafka security and authentication