org.apache.kafka.common.config.internals.BrokerSecurityConfigs Java Examples
The following examples show how to use
org.apache.kafka.common.config.internals.BrokerSecurityConfigs.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: SSLUtils.java From kop with Apache License 2.0 | 6 votes |
|
/**
* Configures Authentication related settings in SslContextFactory.
*/
protected static void configureSslContextFactoryAuthentication(SslContextFactory ssl,
Map<String, Object> sslConfigValues) {
String sslClientAuth = (String) getOrDefault(
sslConfigValues,
BrokerSecurityConfigs.SSL_CLIENT_AUTH_CONFIG,
"none");
switch (sslClientAuth) {
case "requested":
ssl.setWantClientAuth(true);
break;
case "required":
ssl.setNeedClientAuth(true);
break;
default:
ssl.setNeedClientAuth(false);
ssl.setWantClientAuth(false);
}
}
Example #2
| Source File: KafkaUtils.java From singer with Apache License 2.0 | 4 votes |
|
public static KafkaProducer<byte[], byte[]> createKafkaProducer(KafkaProducerConfig config, String namePrefix) {
String brokerList = Joiner.on(',').join(config.getBrokerLists());
Properties properties = new Properties();
// singer use namePrefix : "singer_"
properties.put(ProducerConfig.CLIENT_ID_CONFIG, namePrefix + CommonUtils.getHostName() + "_" + UUID.randomUUID());
properties.put(ProducerConfig.BOOTSTRAP_SERVERS_CONFIG, brokerList);
properties.put(ProducerConfig.KEY_SERIALIZER_CLASS_CONFIG, config.getKeySerializerClass());
properties.put(ProducerConfig.VALUE_SERIALIZER_CLASS_CONFIG, config.getValueSerializerClass());
if (config.getBufferMemory() >= DEFAULT_PRODUCER_BUFFER_MEMORY) {
// make sure that there is at least some reasonable amount of memory buffer
// if that's not the case use Kafka producer default
properties.put(ProducerConfig.BUFFER_MEMORY_CONFIG, config.getBufferMemory());
}
if (config.isTransactionEnabled()) {
properties.put(ProducerConfig.ENABLE_IDEMPOTENCE_CONFIG, true);
String transactionalId = namePrefix + CommonUtils.getHostName();
properties.put(ProducerConfig.TRANSACTIONAL_ID_CONFIG, transactionalId);
properties.put(ProducerConfig.ACKS_CONFIG, "all");
properties.put(ProducerConfig.TRANSACTION_TIMEOUT_CONFIG, config.getTransactionTimeoutMs());
} else {
properties.put(ProducerConfig.ACKS_CONFIG, String.valueOf(config.getAcks()));
}
if (config.isSetRetries()) {
properties.put(ProducerConfig.RETRIES_CONFIG, config.getRetries());
}
if (config.isSetCompressionType()) {
properties.put(ProducerConfig.COMPRESSION_TYPE_CONFIG, config.getCompressionType());
}
if (config.isSetMaxRequestSize()) {
properties.put(ProducerConfig.MAX_REQUEST_SIZE_CONFIG, config.getMaxRequestSize());
}
// ssl related kafka producer configuration
if (config.isSslEnabled()) {
List<String> missingConfigurations = new ArrayList<>();
Map<String, String> sslSettings = config.getSslSettings();
if (!sslSettings.containsKey(BrokerSecurityConfigs.SSL_CLIENT_AUTH_CONFIG)) {
missingConfigurations.add(BrokerSecurityConfigs.SSL_CLIENT_AUTH_CONFIG);
}
if (!sslSettings.containsKey(SslConfigs.SSL_ENABLED_PROTOCOLS_CONFIG)) {
missingConfigurations.add(SslConfigs.SSL_ENABLED_PROTOCOLS_CONFIG);
}
if (!sslSettings.containsKey(SslConfigs.SSL_ENDPOINT_IDENTIFICATION_ALGORITHM_CONFIG)) {
missingConfigurations.add(SslConfigs.SSL_ENDPOINT_IDENTIFICATION_ALGORITHM_CONFIG);
}
if (!sslSettings.containsKey(SslConfigs.SSL_KEY_PASSWORD_CONFIG)) {
missingConfigurations.add(SslConfigs.SSL_KEY_PASSWORD_CONFIG);
}
if (!sslSettings.containsKey(SslConfigs.SSL_KEYSTORE_LOCATION_CONFIG)) {
missingConfigurations.add(SslConfigs.SSL_KEYSTORE_LOCATION_CONFIG);
}
if (!sslSettings.containsKey(SslConfigs.SSL_KEYSTORE_LOCATION_CONFIG)) {
missingConfigurations.add(SslConfigs.SSL_KEYSTORE_LOCATION_CONFIG);
}
if (!sslSettings.containsKey(SslConfigs.SSL_KEYSTORE_TYPE_CONFIG)) {
missingConfigurations.add(SslConfigs.SSL_KEYSTORE_TYPE_CONFIG);
}
if (!sslSettings.containsKey(SslConfigs.SSL_SECURE_RANDOM_IMPLEMENTATION_CONFIG)) {
missingConfigurations.add(SslConfigs.SSL_SECURE_RANDOM_IMPLEMENTATION_CONFIG);
}
if (!sslSettings.containsKey(SslConfigs.SSL_TRUSTSTORE_LOCATION_CONFIG)) {
missingConfigurations.add(SslConfigs.SSL_TRUSTSTORE_LOCATION_CONFIG);
}
if (!sslSettings.containsKey(SslConfigs.SSL_TRUSTSTORE_PASSWORD_CONFIG)) {
missingConfigurations.add(SslConfigs.SSL_TRUSTSTORE_PASSWORD_CONFIG);
}
if (!sslSettings.containsKey(SslConfigs.SSL_TRUSTSTORE_TYPE_CONFIG)) {
missingConfigurations.add(SslConfigs.SSL_TRUSTSTORE_TYPE_CONFIG);
}
if (!missingConfigurations.isEmpty()) {
String errorMessage = String.join(",", missingConfigurations);
throw new ConfigException("Missing configuration : " + errorMessage);
}
properties.put(CommonClientConfigs.SECURITY_PROTOCOL_CONFIG, "SSL");
properties.put(ProducerConfig.CONNECTIONS_MAX_IDLE_MS_CONFIG, 30000L);
properties.put(ProducerConfig.BOOTSTRAP_SERVERS_CONFIG, brokerList);
for (Map.Entry<String, String> entry : sslSettings.entrySet()) {
properties.put(entry.getKey(), entry.getValue());
}
}
KafkaProducer<byte[], byte[]> producer = new KafkaProducer<>(properties);
return producer;
}
Example #3
| Source File: SSLUtils.java From kop with Apache License 2.0 | 4 votes |
|
public static SslContextFactory createSslContextFactory(KafkaServiceConfiguration kafkaServiceConfiguration) {
Builder<String, Object> sslConfigValues = ImmutableMap.builder();
CONFIG_NAME_MAP.forEach((key, value) -> {
Object obj = null;
switch(key) {
case SslConfigs.SSL_PROTOCOL_CONFIG:
obj = kafkaServiceConfiguration.getKopSslProtocol();
break;
case SslConfigs.SSL_PROVIDER_CONFIG:
obj = kafkaServiceConfiguration.getKopSslProvider();
break;
case SslConfigs.SSL_CIPHER_SUITES_CONFIG:
// this obj is Set<String>
obj = kafkaServiceConfiguration.getKopSslCipherSuites();
break;
case SslConfigs.SSL_ENABLED_PROTOCOLS_CONFIG:
obj = kafkaServiceConfiguration.getKopSslEnabledProtocols();
break;
case SslConfigs.SSL_KEYSTORE_TYPE_CONFIG:
obj = kafkaServiceConfiguration.getKopSslKeystoreType();
break;
case SslConfigs.SSL_KEYSTORE_LOCATION_CONFIG:
obj = kafkaServiceConfiguration.getKopSslKeystoreLocation();
break;
case SslConfigs.SSL_KEYSTORE_PASSWORD_CONFIG:
obj = kafkaServiceConfiguration.getKopSslKeystorePassword();
break;
case SslConfigs.SSL_KEY_PASSWORD_CONFIG:
obj = kafkaServiceConfiguration.getKopSslKeyPassword();
break;
case SslConfigs.SSL_TRUSTSTORE_TYPE_CONFIG:
obj = kafkaServiceConfiguration.getKopSslTruststoreType();
break;
case SslConfigs.SSL_TRUSTSTORE_LOCATION_CONFIG:
obj = kafkaServiceConfiguration.getKopSslTruststoreLocation();
break;
case SslConfigs.SSL_TRUSTSTORE_PASSWORD_CONFIG:
obj = kafkaServiceConfiguration.getKopSslTruststorePassword();
break;
case SslConfigs.SSL_KEYMANAGER_ALGORITHM_CONFIG:
obj = kafkaServiceConfiguration.getKopSslKeymanagerAlgorithm();
break;
case SslConfigs.SSL_TRUSTMANAGER_ALGORITHM_CONFIG:
obj = kafkaServiceConfiguration.getKopSslTrustmanagerAlgorithm();
break;
case SslConfigs.SSL_SECURE_RANDOM_IMPLEMENTATION_CONFIG:
obj = kafkaServiceConfiguration.getKopSslSecureRandomImplementation();
break;
case BrokerSecurityConfigs.SSL_CLIENT_AUTH_CONFIG:
obj = kafkaServiceConfiguration.getKopSslClientAuth();
break;
default:
log.error("key {} not contained in KafkaServiceConfiguration", key);
}
if (obj != null) {
sslConfigValues.put(key, obj);
}
});
return createSslContextFactory(sslConfigValues.build());
}
