Help Center/
MapReduce Service/
Developer Guide (LTS)/
Kafka Development Guide (Security Mode)/
Environment Preparation/
Preparing for Security Authentication/
SASL/PLAINTEXT Authentication
Updated on 2024-08-10 GMT+08:00
SASL/PLAINTEXT Authentication
This section applies to MRS 3.2.0 and later versions.
Scenario
Kafka supports SASL/PLAINTEXT authentication for clusters with Kerberos authentication enabled.
- Configure SASL/PLAINTEXT authentication on the Kafka server.
- Log in to FusionInsight Manager.
- Choose Cluster > Services > Kafka and choose Configurations > All Configurations. Search for sasl.enabled.mechanisms, change the value to GSSAPI,PLAIN, and click Save.
- Click Dashboard, click More, and select Restart Service to make the configuration take effect.
- Configure SASL/PLAINTEXT authentication on the Kafka client.
You only need to configure dynamic jaas.conf and set related authentication attributes on the Kafka client. For details, see the authentication sample code in Producer of the com.huawei.bigdata.kafka.example.security package.
public static Properties initProperties() { ............ props.put("sasl.mechanism", "PLAIN"); props.put("sasl.jaas.config","org.apache.kafka.common.security.plain.PlainLoginModule required username=manager_user password=Password;"); }
- manager_user is a human-machine user created on FusionInsight Manager and must have the production and consumption permissions for the topic that is being used.
- Password is the password of manager_user.
- If the open-source kafka-client JAR package is used, the special characters in the password can only be the dollar sign ($).
- If the MRS kafka-client JAR package is used, the special characters in the password are those supported by FusionInsight Manager (for example, ~`!?,.;-_'(){}[]/<>@#$%^&*+|\=).
Parent topic: Preparing for Security Authentication
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
The system is busy. Please try again later.
For any further questions, feel free to contact us through the chatbot.
Chatbot