Skip to content

Commit 61a8994

Browse files
thomasplarssonthomasplarsson
authored
fix(analytics): Support sasl authentication to kafka (datahub-project#2675)
1 parent 18557ed commit 61a8994

File tree

2 files changed

+16
-1
lines changed

2 files changed

+16
-1
lines changed

datahub-frontend/app/react/controllers/TrackingController.java

+13-1
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,7 @@
66
import org.apache.kafka.clients.producer.KafkaProducer;
77
import org.apache.kafka.clients.producer.ProducerConfig;
88
import org.apache.kafka.clients.producer.ProducerRecord;
9+
import org.apache.kafka.common.config.SaslConfigs;
910
import org.apache.kafka.common.config.SslConfigs;
1011
import org.apache.kafka.common.security.auth.SecurityProtocol;
1112
import react.auth.Authenticator;
@@ -17,10 +18,16 @@
1718
import play.mvc.Security;
1819
import react.graphql.PlayQueryContext;
1920

21+
import java.util.Arrays;
22+
import java.util.Collections;
23+
import java.util.List;
2024
import java.util.Properties;
2125

2226
public class TrackingController extends Controller {
2327

28+
private static final List<String> KAFKA_SSL_PROTOCOLS = Collections.unmodifiableList(
29+
Arrays.asList(SecurityProtocol.SSL.name(),SecurityProtocol.SASL_SSL.name()));
30+
2431
private final Boolean _isEnabled;
2532
private final Config _config;
2633
private final KafkaProducer<String, String> _producer;
@@ -81,7 +88,7 @@ private KafkaProducer createKafkaProducer() {
8188

8289
final String securityProtocolConfig = "analytics.kafka.security.protocol";
8390
if (_config.hasPath(securityProtocolConfig)
84-
&& _config.getString(securityProtocolConfig).equals(SecurityProtocol.SSL)) {
91+
&& KAFKA_SSL_PROTOCOLS.contains(_config.getString(securityProtocolConfig))) {
8592
props.put(CommonClientConfigs.SECURITY_PROTOCOL_CONFIG, _config.getString(securityProtocolConfig));
8693
props.put(SslConfigs.SSL_KEY_PASSWORD_CONFIG, _config.getString("analytics.kafka.ssl.key.password"));
8794

@@ -95,6 +102,11 @@ private KafkaProducer createKafkaProducer() {
95102

96103
props.put(SslConfigs.SSL_PROTOCOL_CONFIG, _config.getString("analytics.kafka.ssl.protocol"));
97104
props.put(SslConfigs.SSL_ENDPOINT_IDENTIFICATION_ALGORITHM_CONFIG, _config.getString("analytics.kafka.ssl.endpoint.identification.algorithm"));
105+
106+
if (_config.getString(securityProtocolConfig).equals(SecurityProtocol.SASL_SSL.name())) {
107+
props.put(SaslConfigs.SASL_MECHANISM, _config.getString("analytics.kafka.sasl.mechanism"));
108+
props.put(SaslConfigs.SASL_JAAS_CONFIG, _config.getString("analytics.kafka.sasl.jaas.config"));
109+
}
98110
}
99111

100112
return new KafkaProducer(props);

datahub-frontend/conf/application.conf

+3
Original file line numberDiff line numberDiff line change
@@ -154,6 +154,9 @@ analytics.kafka.ssl.truststore.location = ${?KAFKA_PROPERTIES_SSL_TRUSTSTORE_LOC
154154
analytics.kafka.ssl.truststore.password = ${?KAFKA_PROPERTIES_SSL_TRUSTSTORE_PASSWORD}
155155
analytics.kafka.ssl.protocol = ${?KAFKA_PROPERTIES_SSL_PROTOCOL}
156156
analytics.kafka.ssl.endpoint.identification.algorithm = ${?KAFKA_PROPERTIES_SSL_ENDPOINT_IDENTIFICATION_ALGORITHM}
157+
# If analytics.kafka.security.protocol is set to "SASL_SSL", both of these need to be set.
158+
analytics.kafka.sasl.mechanism = ${?KAFKA_PROPERTIES_SASL_MECHANISM}
159+
analytics.kafka.sasl.jaas.config = ${?KAFKA_PROPERTIES_SASL_JAAS_CONFIG}
157160

158161
# Required Elastic Client Configuration
159162
analytics.elastic.host = ${ELASTIC_CLIENT_HOST}

0 commit comments

Comments
 (0)