kafka-acl java api 使用碰到的问题

漂泊的美好 发表于: 2016-10-27   最后更新时间: 2016-10-27  
  •   8 订阅,1145 游览

想通过java来进行kafka赋权,下面是code


System.setProperty("java.security.auth.login.config","/etc/kafka/kafka_jaas.conf");
String[] cmdPArm = {"--authorizer-properties","zookeeper.connect=vmw201:2181/kafka","--add","--allow-principal","User:Alice","--operation","Write","--topic","test"};
AclCommand.main(cmdPArm);


虽然向程序中引入了jaas文件,通过该文件告诉程序,所使用的kafka超级用户主体和keytab所在路径,但还是出现了没有权限的问题。


Error while executing ACL command: org.apache.zookeeper.KeeperException$NoAuthException: KeeperErrorCode = NoAuth for /kafka-acl/Topic/test
org.I0Itec.zkclient.exception.ZkException: org.apache.zookeeper.KeeperException$NoAuthException: KeeperErrorCode = NoAuth for /kafka-acl/Topic/test
at org.I0Itec.zkclient.exception.ZkException.create(ZkException.java:68)
at org.I0Itec.zkclient.ZkClient.retryUntilConnected(ZkClient.java:995)
at org.I0Itec.zkclient.ZkClient.writeDataReturnStat(ZkClient.java:1138)
at org.I0Itec.zkclient.ZkClient.writeData(ZkClient.java:1133)
at org.I0Itec.zkclient.ZkClient.writeData(ZkClient.java:1101)
at kafka.utils.ZkUtils.updatePersistentPath(ZkUtils.scala:411)
at kafka.security.auth.SimpleAclAuthorizer.addAcls(SimpleAclAuthorizer.scala:173)
at kafka.admin.AclCommand$$anonfun$addAcl$1$$anonfun$apply$3.apply(AclCommand.scala:89)
at kafka.admin.AclCommand$$anonfun$addAcl$1$$anonfun$apply$3.apply(AclCommand.scala:86)
at scala.collection.TraversableLike$WithFilter$$anonfun$foreach$1.apply(TraversableLike.scala:772)
at scala.collection.immutable.Map$Map1.foreach(Map.scala:109)
at scala.collection.TraversableLike$WithFilter.foreach(TraversableLike.scala:771)
at kafka.admin.AclCommand$$anonfun$addAcl$1.apply(AclCommand.scala:86)
at kafka.admin.AclCommand$$anonfun$addAcl$1.apply(AclCommand.scala:80)
at kafka.admin.AclCommand$.withAuthorizer(AclCommand.scala:74)
at kafka.admin.AclCommand$.addAcl(AclCommand.scala:80)
at kafka.admin.AclCommand$.main(AclCommand.scala:48)
at kafka.admin.AclCommand.main(AclCommand.scala)
at kafka.acl.KafkaAcl.main(KafkaAcl.java:13)
Caused by: org.apache.zookeeper.KeeperException$NoAuthException: KeeperErrorCode = NoAuth for /kafka-acl/Topic/test
at org.apache.zookeeper.KeeperException.create(KeeperException.java:113)
at org.apache.zookeeper.KeeperException.create(KeeperException.java:51)
at org.apache.zookeeper.ZooKeeper.setData(ZooKeeper.java:1270)
at org.I0Itec.zkclient.ZkConnection.writeDataReturnStat(ZkConnection.java:133)
at org.I0Itec.zkclient.ZkClient$13.call(ZkClient.java:1142)
at org.I0Itec.zkclient.ZkClient.retryUntilConnected(ZkClient.java:985)
... 17 more







发表于: 7月前   最后更新时间: 7月前   游览量:1145
上一条: 我想用java操作topic,增删查改什么的,应该怎么做?
下一条: 启动Kafka,导致部署主机系统命令响应慢,Ping值高,怎么调优?
评论…

  • 还通过下面这种方式进行kerberos认证,但还是没什么作用:
    // Authenticating Kerberos principal
    System.out.println("Principal Authentication: ");
    final String user = "cloudera@CLOUDERA.COM";
    final String keyPath = "cloudera.keytab";
    UserGroupInformation.loginUserFromKeytab(user, keyPath);

    • 用命令的方式,环境是否都是正常的?
      如果是正常的,则需要关注环境了,是否加载到了运行中的jvm环境中,jdk的安全限制是否也替换了。
      • 评论…
        • in this conversation
          提问