SSL/TLS
Açıklaması şöyle. Şifreli iletişim içindir
By configuring SSL/TLS listeners, you can enforce encrypted communication channels to protect data privacy and integrity
SASL
Açıklaması şöyle. Authentication ve authorization içindir
Similarly, by enabling SASL-based listeners, you can enforce authentication and authorization mechanisms to control access to the Kafka cluster.
Açıklaması şöyle.
SASL_PLAINTEXT: Authentication and encryption using SASL mechanisms over plaintext.SASL_SSL: Authentication and encryption using SASL mechanisms over SSL/TLS.
Örnek
Şöyle yaparız
Properties properties(String bootstrapServers, String kafkaUsername, String kafkaPassword) {Properties properties = new Properties();properties.setProperty(ConsumerConfig.BOOTSTRAP_SERVERS_CONFIG, bootstrapServers);properties.setProperty(ConsumerConfig.KEY_DESERIALIZER_CLASS_CONFIG, IntegerDeserializer.class.getCanonicalName());properties.setProperty(ConsumerConfig.VALUE_DESERIALIZER_CLASS_CONFIG, StringDeserializer.class.getCanonicalName());properties.setProperty(ConsumerConfig.AUTO_OFFSET_RESET_CONFIG, "earliest");properties.setProperty("security.protocol", "SASL_SSL");properties.setProperty("sasl.mechanism", "PLAIN");String format = String.format( "org.apache.kafka.common.security.plain.PlainLoginModule required username=\"%s\" password=\"%s\";",kafkaUsername, kafkaPassword);properties.setProperty("sasl.jaas.config", format);return properties;}
Burada
Authentication Method yani sasl.mechanism : SASL/PLAIN
Security Protocol yani security.protocol : SASL_SSL
ve sonra sasl.jaas.config için
User Name : ... , Password : ...
geçiliyor.
No comments:
Post a Comment