I followed the tutorial of the answer of this question:
Kafka SASL zookeeper authentication
And i setted zookeeper.set.acl=true in the server.propeties, but i still can access the zookeeper on port 2181 and this is available for anyone through the: kafka-topics --zookeeper <server-name>:2181 --list
ps: instead of <server-name> i put the DN of my server.
Asked
Active
Viewed 186 times
0
Vinicius Silva
- 72
- 3
-
1Note: `--zookeeper` option is deprecated in latest Kafka cli tools – OneCricketeer Nov 12 '20 at 16:31
1 Answers
0
Authentication enforcement feature has recently been submitted in the ZooKeeper codebase and afaik there's no stable version released yet which supports it.
When you turn on SASL authentication, it will be available, but clients are still able to connect without it. Hence the recommendation is to use ACLs side by side with authentication to prevent non-authenticated user from accessing sensitive data.
Andor Molnar
- 66
- 3