Skip to content

kafka4beam/brod_gssapi

1 Branch8 Tags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

zmstonezmstone
Merge pull request #22 from kafka4beam/use-latest-sasl-auth
Aug 29, 2024
bf41e7e · Aug 29, 2024

History

48 Commits
.github/workflows
.github/workflows
Aug 24, 2024
example
example
Aug 24, 2024
scripts
scripts
Jun 10, 2022
src
src
Aug 25, 2024
test
test
Aug 24, 2024
.gitignore
.gitignore
Jun 10, 2022
LICENSE.md
LICENSE.md
Jun 10, 2022
README.md
README.md
Jun 15, 2022
elvis.config
elvis.config
Jun 10, 2022
erlang_ls.config
erlang_ls.config
Jun 10, 2022
rebar.config
rebar.config
Aug 29, 2024
rebar.lock
rebar.lock
Aug 24, 2024

Repository files navigation

brod_gssapi

brod_gssapi is an authentication backend for brod. brod_gssapi makes it possible to connect Brod to a Kafka cluster using the SASL/GSSAPI (Kerberos) authentication method. Please see the configuration section below for information about which Kafka handshake versions that are supported. brod_gssapi uses sasl_auth, which is an Erlang wrapper for a SASL/GSSAPI C library.

Usage

  1. Install the dependencies for sasl_auth. More information about sasl_auth's dependencies can be found in sasl_auth's README.md file.
  2. Add brod_gssapi as dependency to your top level project that uses brod.
  3. Add {sasl, {callback, brod_gssapi, {gssapi, Keytab, Principal}}} to the brod client config. Keytab should be the keytab file path, and Principal should be a byte list or binary string.

The example/ directory in this repository contains a docker-compose project with Kerberos, Zookeeper, Kafka (with SASL/GSSAPI Kerberos authentication) and a Brod client. The example/README.md file describes how to run this example. The code in example/brod_client/src/example.erl sets up a Brod client with SASL/GSSAPI (Kerberos) authentication and sends and receives messages.

Dependencies

Please see sasl_auth's README.md file for information about what software you need to install before compiling and using this plugin.

Compile

$ rebar3 compile

Test

$ rebar3 ct

The example in the example/ directory also works as a test case. The example/README.md file describes how to run the example.

Configuration

For version of Brod before 3.16.4 the handshake version used for authentication with Kafka is not passed down to the brod_gssapi plugin. By default, brod_gssapi will use the legacy handshake version (the version used before handshake version naming was introduced to Kafka). This can be changed by configuring brod_gssapi with the setting default_handshake_vsn. brod_gssapi currently only supports the legacy and 1 handshake versions. Handshake version 0 is currently not supported. The setting can be changed both programmatically with application:set_env(brod_gssapi, default_handshake_vsn, 1) and by giving the following parameter to the Erlang command -brod_gssapi default_handshake_vsn 1.

About

SASL GSSAPI auth backend for brod (https://github.com/klarna/brod)

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

1 star

Watchers

4 watching

Forks

8 forks
Report repository

Releases

8 tags

Packages

No packages published

Contributors 6

Languages