kafka-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jonathan Hodges <hodg...@gmail.com>
Subject Re: Kafka and authentication
Date Tue, 08 Apr 2014 12:39:33 GMT
+1 for security branch

We are willing to assist with the merge.


On Wed, Apr 2, 2014 at 8:32 AM, Joe Stein <joe.stein@stealth.ly> wrote:

> Hi Raja, do you have an ICLA https://www.apache.org/licenses/icla.txt on
> file with Apache?
>
> One thought would be to branch a security branch at the commit you forked
> from.  Then treat the rest of your commits as a contrib patch (requires
> vote).
>
> Then we could work on merging it into upstream and knock out some of the
> security items.
>
> Thoughts?
>
> /*******************************************
>  Joe Stein
>  Founder, Principal Consultant
>  Big Data Open Source Security LLC
>  http://www.stealth.ly
>  Twitter: @allthingshadoop <http://www.twitter.com/allthingshadoop>
> ********************************************/
>
>
> On Mon, Mar 31, 2014 at 11:20 AM, Rajasekar Elango
> <relango@salesforce.com>wrote:
>
> > Hi Vijay,
> >
> > We implemented mutual ssl authentication in kafka for our internal use
> and
> > we have plans to it contributed back to community.  But we implemented
> SSL
> > over
> > older snapshot of version of kafka 0.8 release. We have been busy with
> > other projects and haven't got chance to merge our ssl changes to latest
> > version
> > of kafka. If you are interested in looking at the changes we made this,
> its
> > available in my github fork of apache kafka (
> > https://github.com/relango/kafka/tree/kafka_security)
> >
> > Thanks,
> > Raja.
> >
> >
> > On Fri, Mar 28, 2014 at 10:06 PM, Neha Narkhede <neha.narkhede@gmail.com
> > >wrote:
> >
> > > Hi Vijay,
> > >
> > > The document you pointed out has our initial thoughts on Kafka
> security.
> > > This work is still in design and discussion phase, no code has been
> > written
> > > as such and we hope to pick it up in a couple months. However, if you
> > have
> > > thoughts on how it should work and/or would like to contribute patches,
> > we
> > > would be happy to collaborate with you.
> > >
> > > Thanks,
> > > Neha
> > >
> > >
> > > On Fri, Mar 28, 2014 at 4:05 PM, Vijay Ramachandran <
> > > vramachandran@apple.com
> > > > wrote:
> > >
> > > > Hi All,
> > > >
> > > > I was googling around for info on securing kafka. The best document I
> > > > could find was
> > > https://cwiki.apache.org/confluence/display/KAFKA/Security,
> > > > which is "kind of old". It is not clear if any steps were taken after
> > > this
> > > > doc was put together. Looking at the features / bug fixes in kafka
> also
> > > > does not paint a clear picture. Hence this set of questions :
> > > >
> > > > Is there a way to make kafka authenticate a producer sending
> messages /
> > > > consumer reading messages ?
> > > > Is there a way to make kafka authenticate itself to the ZooKeeper
> > > ensemble
> > > > ?
> > > >
> > > > Any info will be deeply appreciated
> > > >
> > > > Thanks
> > > >
> > > > Vijay
> > >
> >
> >
> >
> > --
> > Thanks,
> > Raja.
> >
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message