kafka-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kalpesh Jadhav <kalpesh.jad...@citiustech.com>
Subject RE: Java API for kafka-acls.sh
Date Fri, 01 Apr 2016 14:14:02 GMT
Hi Gerard,



I am using kerberised environment.



By providing below jass file:



KafkaClient {

com.sun.security.auth.module.Krb5LoginModule required

doNotPrompt=true

useTicketCache=true

principal="ctadmin@HSCALE.COM"

useKeyTab=true

serviceName="kafka"

keyTab="/etc/security/keytabs/ctadmin.keytab"

client=true;

};

Client {

   com.sun.security.auth.module.Krb5LoginModule required

   useKeyTab=true

   keyTab="/etc/security/keytabs/ctadmin.keytab"

   storeKey=true

   useTicketCache=true

   serviceName="zookeeper"

   principal="ctadmin@HSCALE.COM";

};



I can create kafka topic through java application.



Problem is, in same application when I tried to give acl, it throws zookeeper keeper exception.



String[] cmdPArm = {"--add", "--allow-principals", "user:ctadmin", "--operation", "ALL","--topic",
topicName ,"--authorizer-properties", "zookeeper.connect={hostname}:2181 "};

AclCommand.main(cmdPArm);



Same code if I ran as a kafka user, by providing kafka own jass file it run properly.



Now I am not getting what mistake I am doing.

Because if there is, any  mistake in jass file then it should not allow me to create topic
also, but it’s getting created.



Is there any debug steps, to crack this, or someone has face this issue.



Thanks,

------------------------------------------------

Kalpesh Jadhav

Sr. Software Engineer | Development







-----Original Message-----
From: Gerard Klijs [mailto:gerard.klijs@dizzit.com]
Sent: Thursday, March 31, 2016 9:30 PM
To: users@kafka.apache.org
Subject: Re: Java API for kafka-acls.sh



You could check what it does, and do that instead of relying in the script.

It runs the kafka.admin.AclCommand class with some properties, and sets some jvm settings.



On Thu, Mar 31, 2016 at 4:36 PM Kalpesh Jadhav < kalpesh.jadhav@citiustech.com<mailto:kalpesh.jadhav@citiustech.com>>
wrote:



> Hi,

>

> Is there any java api available to give access to kafka topic??

>

> As we does through kafka-acls.sh.

> Just wanted to run below command through java api.

>

> kafka-acls.sh --add --allow-principals user:ctadmin --operation ALL

> --topic marchTesting --authorizer-properties

> zookeeper.connect={hostname}:2181

>

> ------------------------------------------------

> Kalpesh Jadhav

> Sr. Software Engineer | Development

> CitiusTech Inc.

> www.citiustech.com<http://www.citiustech.com<http://www.citiustech.com%3chttp:/www.citiustech.com>>

>

>

>

>

>

>

>

>
Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message