Configuring authentication with Kerberos

Learn how to set up Kerberos authentication for SRM.

Configuring authentication with Kerberos for SRM can be achieved by adding the appropriate configuration properties to your configuration file.

  1. Specify the security protocols:
    security.protocol = SASL_PLAINTEXT
  2. Specify the authentication mechanism:
    sasl.mechanism = GSSAPI
  3. Specify the service name: = kafka
  4. Configure the JAAS.
    You have two options when configuring the JAAS:
    1. Embed it in the file with the sasl.jaas.config property:
      sasl.jaas.config = \ required \ 
           useKeyTab=true \
           keyTab="path/to/keytab file" \
           storeKey=true \
           useTicketCache=false \
    2. Create a JAAS configuration file containing the properties and pass its location with the SRM_KERBEROS_OPTS environment variable:
      export SRM_KERBEROS_OPTS=""

      For convenience, this and other environment variables can be added to /opt/streams-replication-manager/config/