Uploaded image for project: 'Kafka'
  1. Kafka
  2. KAFKA-12528

kafka-configs.sh does not work while changing the sasl jaas configurations.

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Duplicate
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: admin, core
    • Labels:
      None

      Description

      We are trying to modify the sasl jaas configurations for the kafka broker runtime using the dynamic config update functionality using the kafka-configs.sh script. But we are unable to get it working.

      Below is our command:

      ./kafka-configs.sh --bootstrap-server localhost:9092 --entity-type brokers --entity-name 59 --alter --add-config 'sasl.jaas.config=KafkaServer {\n org.apache.kafka.common.security.plain.PlainLoginModule required \n username=\"test\" \n password=\"test\"; \n };'

       

      command is exiting with error:

      requirement failed: Invalid entity config: all configs to be added must be in the format "key=val".

       

      we also tried below format as well:

      kafka-configs.sh --bootstrap-server localhost:9092 --entity-type brokers --entity-name 59 --alter --add-config 'sasl.jaas.config=[username=test,password=test]'

      command does not return but the kafka broker logs prints the below error messages.

      org.apache.kafka.common.security.authenticator.SaslServerAuthenticator - Set SASL server state to FAILED during authentication"}}
      {"type":"log", "host":"kf-kaudynamic-0", "level":"INFO", "neid":"kafka-cfd5ccf2af7f47868e83471a5b603408", "system":"kafka", "time":"2021-03-23T08:29:00.946", "timezone":"UTC", "log":{"message":"data-plane-kafka-network-thread-1001-ListenerName(SASL_PLAINTEXT)-SASL_PLAINTEXT-2 - org.apache.kafka.common.network.Selector - [SocketServer brokerId=1001] Failed authentication with /127.0.0.1 (Unexpected Kafka request of type METADATA during SASL handshake.)"}}

       

      1. If one has SASL enabled and with a single listener, how are we supposed to change the sasl credentials using this command ?

      2. can anyone point us out to some example commands for modifying the sasl jaas configurations ?

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              kaushik srinivas kaushik srinivas
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: