Reputation: 23
Unexpected Kafka request of type METADATA during SASL handshake when connecting to kafka server by a consumer
I have 'kafka_2.13-3.7.0' on Windows 11
I want to run the kafka with SASL_PLAINTEXT, I followed the steps in https://kafka.apache.org/documentation/#security_sasl_plain
I added the following setting in file server.properties
listeners=SASL_PLAINTEXT://localhost:9092
security.inter.broker.protocol=SASL_PLAINTEXT
sasl.mechanism.inter.broker.protocol=PLAIN
sasl.enabled.mechanisms=PLAIN
I defined a config file 'kafka_jaas.conf' containing the following content
KafkaServer {
org.apache.kafka.common.security.plain.PlainLoginModule required
username="admin"
password="admin-secret"
user_admin="admin-secret"
user_alice="alice-secret";
};
Then I started the kafka server with the following JVM, the server started up successfully
-Djava.security.auth.login.config=kafka_jaas.conf
Then I added the following content in the consumer.properties
sasl.jaas.config=org.apache.kafka.common.security.plain.PlainLoginModule required username="alice" password="alice-secret";
security.protocol=SASL_PLAINTEXT
sasl.mechanism=PLAIN
Finally I ran a consumer kafka-console-consumer.bat --topic my-topic --from-beginning --bootstrap-server localhost:9092
But I got the following error [2024-06-01 23:51:57,041] INFO [SocketServer listenerType=ZK_BROKER, nodeId=0] Failed authentication with /127.0.0.1 (channelId=127.0.0.1:9092-127.0.0.1:56526-5) (Unexpected Kafka request of type METADATA during SASL handshake.) (org.apache.kafka.common.network.Selector)
Could anyone help me out, thank you.
I hope the kafka consumer started up successfully.
Upvotes: 1
Views: 623
Answers (2)
Reputation: 23
By the way, we can have the user/password setting in a config file instead of the .properties file, let's put the following content in 'kafka_jaas.conf'
KafkaClient {
org.apache.kafka.common.security.plain.PlainLoginModule required
username="alice"
password="alice-secret";
};
and removed the following setting from the consumer.properties/producer.properties file
sasl.jaas.config=org.apache.kafka.common.security.plain.PlainLoginModule required username="alice" password="alice-secret";
then we can start the consumer/producer with the following jvm setting like we start the server
-Djava.security.auth.login.config=kafka_jaas.conf
let us take consumer as example, we can modify the kafka-console-producer.bat by setting jvm if we have the kafka_jaas.conf in the config folder
set JAAS_OPTS=-Djava.security.auth.login.config=file:%~dp0../../config/kafka_jaas.conf
and modify the kafka-run-class.bat by adding jvm setting %JAAS_OPTS% to the java command
set COMMAND=%JAVA% %KAFKA_HEAP_OPTS% %KAFKA_JVM_PERFORMANCE_OPTS% %KAFKA_JMX_OPTS% %KAFKA_LOG4J_OPTS% %JAAS_OPTS% -cp "%CLASSPATH%" %KAFKA_OPTS% %*
but be careful, you still NEED to have the following settings in the conmuser.properties/producer.properties files
security.protocol=SASL_PLAINTEXT
sasl.mechanism=PLAIN
and don't forget, you MUST pass the .properties file to consumer/producer script by their option --consumer.config or --producer.config
Upvotes: 1
Reputation: 191743
The consumer.properties file must be provided by --consumer.config for the console consumer
Upvotes: 1
Related Questions
- Unexpected Kafka request of type METADATA during SASL handshake
- Exception while loading Zookeeper JAAS login context and Could not find a 'KafkaServer' or 'sasl_plaintext.KafkaServer' entry in the JAAS
- Kafka SASL handshake takes too long
- Kafka bootstrap setting precedence between cli option and configuration file
- Configure Apache KAFKA with external and internal listeners and SASL Authentication for external publish/subscribe
- understanding consumer group id
- Kafka Consumer does not receive data when one of the brokers is down