Support Questions

Find answers, ask questions, and share your expertise

Can Kafka handle the mixture of authentication methods?

I would like to access a kafka topic from both users

a) a user accessing through LDAP with Kerberos ticket

b) a user accessing through LDPA without Kerberos ticket

So, let say we have a kafka topic created called: topicA.

UserA (defined as a)) produces a message into topicA. And userB (defined as b)) needs to be able to consume the message from topicA.

The same should be valid other way round.

Would that work?

1 ACCEPTED SOLUTION

I have just got it answered - in HDP 2.3.x, 2.4.x and 2.5.x this scenario will not work. In the kerberized environment both users must have Kerberos ticket generated.

HDP 2.6, however, has an option that will allow users to authenticate with LDAP username/password.

View solution in original post

3 REPLIES 3

Expert Contributor

My understanding is that once Kafka is configured for Kerberos, Kafka requires a ticket for both Producers and Consumers.

Hi @bhagan,

Thanks for your comment. That was also my assumption but was looking for confirmation.

I have just got it answered - in HDP 2.3.x, 2.4.x and 2.5.x this scenario will not work. In the kerberized environment both users must have Kerberos ticket generated.

HDP 2.6, however, has an option that will allow users to authenticate with LDAP username/password.