• server.properties
    security.inter.broker.protocol=SASL_PLAINTEXT
    sasl.mechanism.inter.broker.protocol=PLAIN
    sasl.enabled.mechanisms=PLAIN
    authorizer.class.name=kafka.security.auth.SimpleAclAuthorizer
    allow.everyone.if.no.acl.found=true
    auto.create.topics.enable=true
    listeners=SASL_PLAINTEXT://<IP Address>:9092
    advertised.listeners=SASL_PLAINTEXT://<IP Address>:9092
  • zookeeper.properties
    authProvider.1=org.apache.zookeeper.server.auth.SASLAuthenticationProvider
    requireClientAuthScheme=sasl
    jaasLoginRenew=3600000
  • consumer.properties
    security.protocol=SASL_PLAINTEXT
    sasl.mechanism=PLAIN
  • zookeeper_jaas.conf
    Server {
    org.apache.zookeeper.server.auth.DigestLoginModule required
       user_super="zookeeper"
       user_admin="admin-secret";
            
  • kafka_server_jaas.conf
    KafkaServer {
    org.apache.kafka.common.security.plain.PlainLoginModule required
    username="admin"
    password="admin-secret"
    user_admin="admin-secret";
    Client {
    org.apache.zookeeper.server.auth.DigestLoginModule required
    username="admin"
    password="admin-secret";
         
  • Add the zookeeper_jaas.conf file to the environment variable KAFKA_OPTS before starting zookeeper.
    $ export KAFKA_OPTS="-
    Djava.security.auth.login.config=/KAFKA_HOME/config/zookeeper_jaas.conf"
    $ bin/zookeeper-server-start.sh -daemon config/zookeeper.properties
  • Add the kafka_server_jaas.conf file to the environment variable KAFKA_OPTS before starting kafka server.
    $ export KAFKA_OPTS="-
    Djava.security.auth.login.config=/KAFKA_HOME/config/kafka_server_jaas.conf"
    $ bin/kafka-server-start.sh -daemon config/server.properties
  • Configuring the producer. producer.properties
    security.protocol=SASL_PLAINTEXT
    sasl.mechanism=PLAIN
    bootstrap.servers=localhost:9092
    compression.type=none
  • kafka_client_jaas.conf. Note: Console operations [for testing purpose only].
    KafkaClient {
    org.apache.kafka.common.security.plain.PlainLoginModule required
    username="admin"
    password="admin-secret";
    Client {
      org.apache.zookeeper.server.auth.DigestLoginModule required
      username="admin"
      password="admin-secret";
    $ export KAFKA_OPTS="-
    Djava.security.auth.login.config=/KAFKA_HOME/config/kafka_client_jaas.conf"
    $ ./bin/kafka-console-consumer.sh --
    topic test-topic --from-beginning --
    consumer.config=config/consumer.properties --bootstrap-server=localhost:9092
    $ export KAFKA_OPTS="-
    Djava.security.auth.login.config=/KAFKA_HOME/config/kafka_client_jaas.conf"
    $ ./bin/kafka-console-producer.sh --broker-list localhost:9092 --topic test-topic
    --producer.config=config/producer.properties
  •