How to authenticate/authorize a consumer in Kafka for a topic before it consumes the message
Question
In kafka, is there a way to authenticate / authorize a consumer every time a consumer tries to read a message on a topic that it has subscriber to ?
The use case here is that a consumer should be able to present a auth token to the kafka broker and then, broker should be able to validate that token before letting consumer read a message from the topic.
Is the achievable in kafka ?
1 answers
solution1
6 ACCPTED 2018-01-24 09:38:07
Kafka provides both pluggable authentication and authorization mechanisms.
For authentication, the process of creating your own logic is described in: Can Kafka be provided with custom LoginModule to support LDAP?
For authorization, you simply need to provide a class that implements the Authorizer interface ( https://github.com/apache/kafka/blob/trunk/core/src/main/scala/kafka/security/auth/Authorizer.scala ) and set authorizer.class.name to your class in server.properties .
Authentication is only performed when a client connects so if you require validation to happen for every consume action, you'll have to use authorizations.
I suggest you get yourself familiar with Kafka security features and more specifically Authorizations: http://kafka.apache.org/documentation/#security_authz
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.