Currently, the supported mechanisms are Generic Security Services API (GSSAPI) or Kerberos and PLAIN.
Implementing authentication using SASL/Kerberos
How to do it...
To configure SASL authentication on the brokers perform the following:
- Select one or more mechanisms to enable in the broker: GSSAPI or PLAIN
- Add the JAAS config file location as a JVM parameter to each Kafka broker:
-Djava.security.auth.login.config=/etc/kafka/kafka_server_jaas.conf
- Configure an SASL port in server.properties by adding at least one of SASL_PLAINTEXT or SASL_SSL to the listeners, and optionally, advertised.listeners properties, each of which should contain one or more comma-separated values:
listeners=SASL_PLAINTEXT://host.name:port...