Enabling Basic Authentication for the SRM Service
Basic Authentication (BA) can be enabled for the Streams Replication Manager (SRM) Service in Cloudera Manager. After BA is enabled, the REST API of the SRM Service becomes secured. Any clients or services accessing the REST API will need to present valid credentials for access.
BA is set up for the SRM Service by creating Basic Authentication Credentials. A Basic Authentication Credential is an item that securely stores a username/password pair that can be used by the SRM Service for BA. Once the credential is defined, you must turn on BA for the SRM Service and reference the credentials you created in SRM’s configuration. After configuration is complete, the SRM Service and its Rest API will only be accessible by clients and services that present valid credentials.
In addition to the credentials configured with Basic Authentication Credentials, another username/password pair is generated automatically. This username and password pair is used by other services that depend on SRM and are deployed in the same cluster. These credentials are automatically passed to the dependent services. This way, any co-located dependent service automatically has access to the SRM REST API when BA is enabled. For example, Streams Messaging Manager is a service like this. It provides replication monitoring by accessing and gathering metrics from the SRM REST API. As a result it requires access to the REST API. If required, the automatically generated credentials can be updated. However their configuration is optional.
- If you have previously enabled Remote Querying for a separate SRM Service that targets this SRM Service (the one that you enabled BA for) with Remote Querying, complete Configuring Basic Authentication for Remote Querying for the SRM Service that has Remote Querying enabled.
-
Query metrics. You can do either of the following:
- Access the Replications page on the SMM UI. Replications will be visible in the UI.
- Query metrics using the SRM REST API. For example:
- Go to .
- Find and open the /v2/replications endpoint.
- Click Try it out then click
Execute.
You are prompted to enter a username and password.
- Enter the credentials you configured using Basic Authentication
Credentials.
The response includes all discovered replications, replicated topics, and various other metrics.