sasl authentication .

[joshypj]

Issue submitter TODO list

• [X] I've looked up my issue in FAQ
• [X] I've searched for an already existing issues here (legacy) and here
• [X] I've tried installing latest charts and the issue still persists there
• [X] I'm running a supported version of the application & chart which is listed here

Describe the bug (actual behavior)

how to provide the sasl protocol and authentication at values.yaml file at helm chart level.?

yamlApplicationConfig: {}

kafka:

clusters:

- name: yaml

bootstrapServers: kafka-service:9092

spring:

security:

oauth2:

auth:

type: disabled

management:

health:

ldap:

enabled: false

getting below error while trying to connect with a kafka cluster which uses sasl authentication

[2023-12-08 08:51:40,401] INFO [SocketServer listenerType=BROKER, nodeId=2] Failed authentication with /10.224.1.121 (channelId=10.224.1.221:9092-10.224.1.121:56258-290) (Unexpected Kafka request of type METADATA during SASL handshake.) (org.apache.kafka.common.network.Selector)

Expected behavior

tor) [2023-12-08 08:51:40,401] INFO [SocketServer listenerType=BROKER, nodeId=2] Failed authentication with /10.224.1.121 (channelId=10.224.1.221:9092-10.224.1.121:56258-290) (Unexpected Kafka request of type METADATA during SASL handshake.) (org.apache.kafka.common.network.Selector) [2023-12-08 08:51:41,206] INFO [SocketServer listenerType=BROKER, nodeId=2] Failed authentication with /10.224.1.121 (channelId=10.224.1.221:9092-10.224.1.121:56274-290) (Unexpected Kafka request of type METADATA during SASL handshake.)

Your installation details

option to accept .. sasl_mechanism='PLAIN', security_protocol='SASL_PLAINTEXT', sasl_plain_username='username', sasl_plain_password='password',

Steps to reproduce

used the latest kafka-ui helm chart

Screenshots

[2023-12-08 08:51:40,401] INFO [SocketServer listenerType=BROKER, nodeId=2] Failed authentication with /10.224.1.121 (channelId=10.224.1.221:9092-10.224.1.121:56258-290) (Unexpected Kafka request of type METADATA during SASL handshake.) (org.apache.kafka.common.network.Selector) [2023-12-08 08:51:41,206] INFO [SocketServer listenerType=BROKER, nodeId=2] Failed authentication with /10.224.1.121 (channelId=10.224.1.221:9092-10.224.1.121:56274-290) (Unexpected Kafka request of type METADATA during SASL handshake.)

Logs

[2023-12-08 08:51:40,401] INFO [SocketServer listenerType=BROKER, nodeId=2] Failed authentication with /10.224.1.121 (channelId=10.224.1.221:9092-10.224.1.121:56258-290) (Unexpected Kafka request of type METADATA during SASL handshake.) (org.apache.kafka.common.network.Selector) [2023-12-08 08:51:41,206] INFO [SocketServer listenerType=BROKER, nodeId=2] Failed authentication with /10.224.1.121 (channelId=10.224.1.221:9092-10.224.1.121:56274-290) (Unexpected Kafka request of type METADATA during SASL handshake.)

Additional context

connecting to existing kafka with sasl authentication

[angeloimm]

this is how I wrote my values.yaml:

   kafka:
     clusters:
       - name: "MyBrokerName"
         bootstrapServers: my_broker_url:9092
         properties:
           security.protocol: "SASL_PLAINTEXT"
           sasl.mechanism: "SCRAM-SHA-256"        
           sasl.jaas.config: "org.apache.kafka.common.security.scram.ScramLoginModule required username=\u0022MY_BROKER_USERNAME\u0022 password=\u0022MY_BROKER_PWD\u0022;"

[TheDukeDK]

What is the status of this? Is there some workaround to be able to connect to broker which requires SCRAM-SHA-512 authentication?

[TheDukeDK]

FYI: The below, redacted, configuration works for me. You can probably close this issue.

- name: delivery-test
        bootstrapServers: test-kafka-external-boostrap.example.com:9094,test-kafka-external-0.example.com:9094,test-kafka-external-1.example.com:9094,test-kafka-external-2.example.com:9094
        properties:
          security.protocol: SASL_SSL
          sasl.mechanism: SCRAM-SHA-512
          sasl.jaas.config: org.apache.kafka.common.security.scram.ScramLoginModule required username="USERNAME_HERE" password="PASSWORD_HERE";