热门标签
热门文章
- 1探秘micro-ROS for PlatformIO:无缝集成嵌入式ROS开发
- 2PaddleNLP Taskflow_typeerror:
- 3ANSI、ASCII、UTF-8、UNICODE、UCS-2、GBK区别与联系_ansi和gbk什么关系?
- 4Linux中关闭防火墙的几种方法_linux关闭防火墙
- 5Zxing图片识别 从相册选二维码图片解析总结_zxing-js 选择相册
- 6WAF绕过(下)
- 7spring源码解析-web系列(四):九大组件之HandlerAdapter_spring handleradapter核心代码
- 8如何更好地向 ChatGPT 提问?
- 9量子计算机应用于哪些领域,量子计算的应用领域
- 10Springboot—Spring Cache 缓存方案详解及代码-Ehcache_springcache
当前位置: article > 正文
Kafka安全认证-Kerberos&SCRAM_springkafka kerberos认证
作者:木道寻08 | 2024-08-09 02:24:05
赞
踩
springkafka kerberos认证
SASL/SCRAM动态认证
配置SASL/PLAIN验证,实现了对Kafka的权限控制。但SASL/PLAIN验证有一个问题:只能在JAAS文件KafkaServer中配置用户,一但Kafka启动,无法动态新增用户。SASL/SCRAM验证可以动态新增用户并分配权限安装步骤.
初始化
①启动Zookeeper服务
[root@CentOS zookeeper-3.4.6]# ./bin/zkServer.sh start zoo.cfg
JMX enabled by default
Using config: /usr/zookeeper-3.4.6/bin/../conf/zoo.cfg
Starting zookeeper ... STARTED
- 1
- 2
- 3
- 4
②解压kafka安装包
③ 创建SCRAM证书
1、创建broker建通信用户:admin(在使用sasl之前必须先创建,否则启动报错)
[root@CentOS kafka_2.11-2.2.0]# ./bin/kafka-configs.sh --zookeeper CentOS:2181 --alter --add-config 'SCRAM-SHA-256=[password=admin-sec],SCRAM-SHA-512=[password=admin-sec]' --entity-type users --entity-name admin
Completed Updating config for entity: user-principal 'admin'.
- 1
- 2
2、创建生产用户:producer
[root@CentOS kafka_2.11-2.2.0]# ./bin/kafka-configs.sh --zookeeper CentOS:2181 --alter --add-config 'SCRAM-SHA-256=[password=producer-sec],SCRAM-SHA-512=[password=producer-sec]' --entity-type users --entity-name producer
Completed Updating config for entity: user-principal 'producer'.
- 1
- 2
3、创建生产用户:consumer
[root@CentOS kafka_2.11-2.2.0]# ./bin/kafka-configs.sh --zookeeper CentOS:2181 --alter --add-config 'SCRAM-SHA-256=[password=consumer-sec],SCRAM-SHA-512=[password=consumer-sec]' --entity-type users --entity-name consumer
Completed Updating config for entity: user-principal 'producer'.
- 1
- 2
4、查看SCRAM证书信息
- 查看所有用户证书
[root@CentOS kafka_2.11-2.2.0]# ./bin/kafka-configs.sh --zookeeper CentOS:2181 --describe --entity-type users
Configs for user-principal 'admin' are SCRAM-SHA-512=salt=eGNkNjYzZDJwN24xeTFtaXpic2d6dnY1ag==,stored_key=l4FUWp9mV5gjT2NQT0ehFoZ6xp2UVWo9uzdoqCMTkHwM/QeJLL18ox6Xj4hDe3RBb4nv/RjGsJgKkXHd+cURNg==,server_key=QMAjOMaLnrbzwyJwlXaPFK81HuIQzS9NJJGrQewKlpHO/7oq7Pc8BAxMApyGjv7THFpzcLiFarspyvPJeG1V2w==,iterations=4096,SCRAM-SHA-256=salt=N2FyaWdpenRiYzczeWUwdXpidGN5N2NlYQ==,stored_key=q1rarCTxAZgLT14da2BGoKJ+AR80rqkRSCCH6q+wNC8=,server_key=34mFNBMYr5S8xznga6/N7eWPB16fRgM/uXh1A7Mp9NU=,iterations=4096
Configs for user-principal 'producer' are SCRAM-SHA-512=salt=bTg2dmExaDlucGdrOTh0bGp3dzVleDJzNg==,stored_key=OIKvp1ZqEBYh6l6W6DAaVGoff7qpSQ6QW21TH2k8Flt5V3IpUXXAjq9zkE8M1QHB5dTDaIxudYpDsJrr5sdbgw==,server_key=s2tMQOEb7aR7fFpkGFmy/OOqsDqy/Os32JbCUj3Crd/bXwQsbez5Bp661bliQVze8db9cBNOnvWGrf3smDJQNg==,iterations=4096,SCRAM-SHA-256=salt=NWJpajRncXR2MW8wOW04NzNqanM0YTI0Yg==,stored_key=HamFB9o2XMNzDyNhCCkBfDo73rwF9spdM3joIui7nZY=,server_key- 1
- 2
声明:本文内容由网友自发贡献,不代表【wpsshop博客】立场,版权归原作者所有,本站不承担相应法律责任。如您发现有侵权的内容,请联系我们。转载请注明出处:https://www.wpsshop.cn/w/木道寻08/article/detail/950982?site
推荐阅读
相关标签
