Kafka with ACL authentication enabled: what exactly does the value after --allow-principal User: refer to?

冰晶睡梦猪 posted: 2017-01-11   Last updated: 2017-01-11 13:12:42   5,871 views

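I have added ACL authentication to Kafka and can already control whether a given IP address can or cannot access a given topic. However, when I create a new topic and want to give read/write permission on it to only one specific user at a specific IP, nothing I add works; only after adding User:* can users at this IP access it. But that means all users at this IP have permission, and permission is not set for a single user. Could someone more experienced advise how the user here should be specified so that a single user can be authorized? Do I also need to add SSL and SASL?
rhel6712950 is the hostname of the host I want to authorize, its IP is 10.253.129.50, and root is my user. I added the following ACLs for the topic testacl: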
Following is list of acls for resource: Topic:testacl
User:rhel6712950 has Allow permission for operations: Write from hosts: 10.253.129.50
User:rhel6712950 has Allow permission for operations: Read from hosts: 10.253.129.50

User:root@rhel6712950 has Allow permission for operations: Read from hosts: 10.253.129.50
User:root@rhel6712950 has Allow permission for operations: Write from hosts: 10.253.129.50
User:root has Allow permission for operations: Read from hosts: 10.253.129.50
User:root has Allow permission for operations: Write from hosts: 10.253.129.50
But the root user still cannot access the topic testacl; access is granted only after adding the following:
User:* has Allow permission for operations: Read from hosts: 10.253.129.50
User:* has Allow permission for operations: Write from hosts: 10.253.129.50

Posted on 2017-01-11

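Has the original poster solved this?

Hoping an expert can offer some guidance.

The last two lines were left out when copying. But the root user still cannot access the topic testacl; access is granted only after adding the following:

User:* has Allow permission for operations: Read from hosts: 10.253.129.50

User:* has Allow permission for operations: Write from hosts: 10.253.129.50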
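
The situation described in the question, modelled as an added example (not part of the original thread and not Kafka's own code): a simplified allow-only ACL match over the ACLs listed above. It assumes the broker listener is PLAINTEXT with no SSL client authentication or SASL, in which case Kafka treats every connection as User:ANONYMOUS; the function names and the SASL user "root" are hypothetical.

```python
from collections import namedtuple

# Simplified model of Kafka ACL matching (allow rules only; no deny rules,
# super users, or allow.everyone.if.no.acl.found handling).
Acl = namedtuple("Acl", "principal operation host")

WILDCARD_PRINCIPAL = "User:*"
ANONYMOUS = "User:ANONYMOUS"  # principal Kafka assigns to unauthenticated connections


def session_principal(security_protocol, authenticated_name=None):
    """Principal the broker attaches to a connection.

    The client's OS account and hostname play no part in it. Only an identity
    proven through SSL client authentication or SASL yields a named principal.
    """
    if security_protocol in ("SSL", "SASL_PLAINTEXT", "SASL_SSL") and authenticated_name:
        return "User:" + authenticated_name
    return ANONYMOUS


def is_allowed(acls, principal, operation, host):
    """True if any allow ACL matches principal, operation and host."""
    return any(
        a.principal in (principal, WILDCARD_PRINCIPAL)
        and a.operation in (operation, "All")
        and a.host in (host, "*")
        for a in acls
    )


HOST = "10.253.129.50"
# ACLs from the question for Topic:testacl
named_acls = [
    Acl(p, op, HOST)
    for p in ("User:rhel6712950", "User:root@rhel6712950", "User:root")
    for op in ("Read", "Write")
]
wildcard_acls = named_acls + [Acl(WILDCARD_PRINCIPAL, op, HOST) for op in ("Read", "Write")]

if __name__ == "__main__":
    anon = session_principal("PLAINTEXT")
    print(anon, is_allowed(named_acls, anon, "Read", HOST))     # named ACLs do not match
    print(anon, is_allowed(wildcard_acls, anon, "Read", HOST))  # wildcard matches
    # Constructed case: a client authenticated over SASL as "root" (assumed credential)
    sasl = session_principal("SASL_PLAINTEXT", "root")
    print(sasl, is_allowed(named_acls, sasl, "Write", HOST))
```
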
