Examples with JaasContext - org.apache.kafka.common.security.JaasContext

Example 21 with JaasContext

use of org.apache.kafka.common.security.JaasContext in project ranger by apache.

the class RangerKafkaAuthorizer method configure.

/*
	 * (non-Javadoc)
	 *
	 * @see kafka.security.auth.Authorizer#configure(Map<String, Object>)
	 */
@Override
public void configure(Map<String, ?> configs) {
    RangerBasePlugin me = rangerPlugin;
    if (me == null) {
        synchronized (RangerKafkaAuthorizer.class) {
            me = rangerPlugin;
            if (me == null) {
                try {
                    // Possible to override JAAS configuration which is used by Ranger, otherwise
                    // SASL_PLAINTEXT is used, which force Kafka to use 'sasl_plaintext.KafkaServer',
                    // if it's not defined, then it reverts to 'KafkaServer' configuration.
                    final Object jaasContext = configs.get("ranger.jaas.context");
                    final String listenerName = (jaasContext instanceof String && StringUtils.isNotEmpty((String) jaasContext)) ? (String) jaasContext : SecurityProtocol.SASL_PLAINTEXT.name();
                    final String saslMechanism = SaslConfigs.GSSAPI_MECHANISM;
                    JaasContext context = JaasContext.loadServerContext(new ListenerName(listenerName), saslMechanism, configs);
                    MiscUtil.setUGIFromJAASConfig(context.name());
                    logger.info("LoginUser=" + MiscUtil.getUGILoginUser());
                } catch (Throwable t) {
                    logger.error("Error getting principal.", t);
                }
                me = rangerPlugin = new RangerBasePlugin("kafka", "kafka");
            }
        }
    }
    logger.info("Calling plugin.init()");
    rangerPlugin.init();
    auditHandler = new RangerKafkaAuditHandler();
    rangerPlugin.setResultProcessor(auditHandler);
}

Also used : JaasContext(org.apache.kafka.common.security.JaasContext) ListenerName(org.apache.kafka.common.network.ListenerName) RangerBasePlugin(org.apache.ranger.plugin.service.RangerBasePlugin)

Aggregations

JaasContext (org.apache.kafka.common.security.JaasContext)21 HashMap (java.util.HashMap)10 ListenerName (org.apache.kafka.common.network.ListenerName)9 Map (java.util.Map)6 SaslChannelBuilder (org.apache.kafka.common.network.SaslChannelBuilder)5 TestJaasConfig (org.apache.kafka.common.security.authenticator.TestJaasConfig)5 List (java.util.List)4 Subject (javax.security.auth.Subject)4 TransportLayer (org.apache.kafka.common.network.TransportLayer)4 ApiVersionsResponse (org.apache.kafka.common.requests.ApiVersionsResponse)4 LogContext (org.apache.kafka.common.utils.LogContext)4 NioEchoServer (org.apache.kafka.common.network.NioEchoServer)3 TestSecurityConfig (org.apache.kafka.common.security.TestSecurityConfig)3 PlainLoginModule (org.apache.kafka.common.security.plain.PlainLoginModule)3 Test (org.junit.jupiter.api.Test)3 IOException (java.io.IOException)2 InetSocketAddress (java.net.InetSocketAddress)2 KafkaException (org.apache.kafka.common.KafkaException)2 ApiVersionsResponseData (org.apache.kafka.common.message.ApiVersionsResponseData)2 ApiVersion (org.apache.kafka.common.message.ApiVersionsResponseData.ApiVersion)2