kafka-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joe Stein <joe.st...@stealth.ly>
Subject Re: Kafka and authentication
Date Wed, 02 Apr 2014 14:32:00 GMT
Hi Raja, do you have an ICLA https://www.apache.org/licenses/icla.txt on
file with Apache?

One thought would be to branch a security branch at the commit you forked
from.  Then treat the rest of your commits as a contrib patch (requires
vote).

Then we could work on merging it into upstream and knock out some of the
security items.

Thoughts?

/*******************************************
 Joe Stein
 Founder, Principal Consultant
 Big Data Open Source Security LLC
 http://www.stealth.ly
 Twitter: @allthingshadoop <http://www.twitter.com/allthingshadoop>
********************************************/


On Mon, Mar 31, 2014 at 11:20 AM, Rajasekar Elango
<relango@salesforce.com>wrote:

> Hi Vijay,
>
> We implemented mutual ssl authentication in kafka for our internal use and
> we have plans to it contributed back to community.  But we implemented SSL
> over
> older snapshot of version of kafka 0.8 release. We have been busy with
> other projects and haven't got chance to merge our ssl changes to latest
> version
> of kafka. If you are interested in looking at the changes we made this, its
> available in my github fork of apache kafka (
> https://github.com/relango/kafka/tree/kafka_security)
>
> Thanks,
> Raja.
>
>
> On Fri, Mar 28, 2014 at 10:06 PM, Neha Narkhede <neha.narkhede@gmail.com
> >wrote:
>
> > Hi Vijay,
> >
> > The document you pointed out has our initial thoughts on Kafka security.
> > This work is still in design and discussion phase, no code has been
> written
> > as such and we hope to pick it up in a couple months. However, if you
> have
> > thoughts on how it should work and/or would like to contribute patches,
> we
> > would be happy to collaborate with you.
> >
> > Thanks,
> > Neha
> >
> >
> > On Fri, Mar 28, 2014 at 4:05 PM, Vijay Ramachandran <
> > vramachandran@apple.com
> > > wrote:
> >
> > > Hi All,
> > >
> > > I was googling around for info on securing kafka. The best document I
> > > could find was
> > https://cwiki.apache.org/confluence/display/KAFKA/Security,
> > > which is "kind of old". It is not clear if any steps were taken after
> > this
> > > doc was put together. Looking at the features / bug fixes in kafka also
> > > does not paint a clear picture. Hence this set of questions :
> > >
> > > Is there a way to make kafka authenticate a producer sending messages /
> > > consumer reading messages ?
> > > Is there a way to make kafka authenticate itself to the ZooKeeper
> > ensemble
> > > ?
> > >
> > > Any info will be deeply appreciated
> > >
> > > Thanks
> > >
> > > Vijay
> >
>
>
>
> --
> Thanks,
> Raja.
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message