SASL_SSL与EmbeddedKafka集成

时间:2019-06-07 18:06:12

标签: spring-kafka spring-kafka-test

我一直在关注此博客文章,以实现嵌入式sasl_ssl https://sharebigdata.wordpress.com/2018/01/21/implementing-sasl-plain/ 

@SpringBootTest
@RunWith(SpringRunner.class)
@TestPropertySource(properties = {
        "spring.kafka.bootstrap-servers=${spring.embedded.kafka.brokers}",
        "spring.kafka.consumer.group-id=notify-integration-test-group-id",
        "spring.kafka.consumer.auto-offset-reset=earliest"
})
public class ListenerIntegrationTest2 {
    static final String INBOUND = "inbound-topic";
    static final String OUTBOUND = "outbound-topic";

    static {
        System.setProperty("java.security.auth.login.config", "src/test/java/configs/kafka/kafka_jaas.conf");
    }

    @ClassRule
    public static final EmbeddedKafkaRule KAFKA = new EmbeddedKafkaRule(1, true, 1,
            ListenerIntegrationTest2.INBOUND, ListenerIntegrationTest2.OUTBOUND)
            .brokerProperty("listeners", "SASL_SSL://localhost:9092, PLAINTEXT://localhost:9093")
            .brokerProperty("ssl.keystore.location", "src/test/java/configs/kafka/kafka.broker1.keystore.jks")
            .brokerProperty("ssl.keystore.password", "pass")
            .brokerProperty("ssl.key.password", "pass")
            .brokerProperty("ssl.client.auth", "required")
            .brokerProperty("ssl.truststore.location", "src/test/java/configs/kafka/kafka.broker1.truststore.jks")
            .brokerProperty("ssl.truststore.password", "pass")
            .brokerProperty("security.inter.broker.protocol", "SASL_SSL")
            .brokerProperty("sasl.enabled.mechanisms", "PLAIN,SASL_SSL")
            .brokerProperty("sasl.mechanism.inter.broker.protocol", "SASL_SSL");

当我使用PLAINTEXT:// localhost:9093配置时,得到以下信息: WARN org.apache.kafka.clients.NetworkClient - [Controller id=0, targetBrokerId=0] Connection to node 0 terminated during authentication. This may indicate that authentication failed due to invalid credentials.

但是,当我删除它时,我得到org.apache.kafka.common.KafkaException: Tried to check server's port before server was started or checked for port of non-existing protocol

我尝试更改SecurityProtocol类型以自动发现应该使用哪种类型的代理通信(将其硬编码为纯文本-这可能应该得到解决):

   if (this.kafkaPorts[i] == 0) {
      this.kafkaPorts[i] = TestUtils.boundPort(server, SecurityProperties.forName(this.brokerProperties.getOrDefault("security.protocol", SecurityProtocol.PLAINTEXT).toString()); // or whatever property can give me the security protocol I should be using to communicate
   }

我仍然收到以下错误:WARN org.apache.kafka.clients.NetworkClient - [Controller id=0, targetBrokerId=0] Connection to node 0 terminated during authentication. This may indicate that authentication failed due to invalid credentials.

有没有办法正确配置嵌入式kafka以启用sasl_ssl?

0 个答案:

没有答案
相关问题
最新问题