Loading

How to Configure Kafka Connector to Use SASL_SSL Security Protocol With PLAIN Mechanism in Mule 4

Publiceringsdatum: Mar 2, 2024
Uppgift

GOAL

This article shows how to configure Apache Kafka connector (Mule 4) to use SASL_SSL security protocol with PLAIN mechanism. This article is applicable for Kafka connector versions 3.0.6 to 3.0.10.

Steg
  1. Follow the guide to create the skeleton of the example Mule Application with Kafka connector
  2. Use the following template to create Apache_Kafka_Producer_configuration and Apache_Kafka_Consumer_configuration in the example Mule Application 
    <kafka:kafka-producer-config name="Apache_Kafka_Producer_configuration" doc:name="Apache Kafka Producer configuration" doc:id="340cf8ea-febd-486c-9b1f-37c6a1647bcf" >
		<kafka:ssl-kafka-producer-connection bootstrapServers="mykafka01.kafkanet:19091" keyStorePassword="changeit" keyStoreLocation="kafka.producer.keystore.jks" trustStorePassword="changeit" trustStoreLocation="kafka.producer.truststore.jks" >
			<kafka:additional-properties >
				<kafka:additional-property key="security.protocol" value="SASL_SSL" />
				<kafka:additional-property key="sasl.mechanism" value="PLAIN" />
                <kafka:additional-property key="sasl.jaas.config" value='org.apache.kafka.common.security.plain.PlainLoginModule required username="test-client" password="test-secret";' />
			</kafka:additional-properties>
		</kafka:ssl-kafka-producer-connection>
</kafka:kafka-producer-config>
<kafka:kafka-consumer-config name="Apache_Kafka_Consumer_configuration" doc:name="Apache Kafka Consumer configuration" doc:id="84482921-a5fd-48f1-b2e5-c8e6d31593ce" >
		<kafka:ssl-kafka-consumer-connection groupId="test-consumer" bootstrapServers="mykafka01.kafkanet:19091" keyStorePassword="changeit" keyStoreLocation="kafka.consumer.keystore.jks" trustStorePassword="changeit" trustStoreLocation="kafka.consumer.truststore.jks" >
			<kafka:additional-properties >
				<kafka:additional-property key="sasl.mechanism" value="PLAIN" />
				<kafka:additional-property key="security.protocol" value="SASL_SSL" />
                <kafka:additional-property key="sasl.jaas.config" value='org.apache.kafka.common.security.plain.PlainLoginModule required username="test-client" password="test-secret";' />
			</kafka:additional-properties>
		</kafka:ssl-kafka-consumer-connection>
</kafka:kafka-consumer-config>
  3. Adjust the SSL specific settings
    • trustStoreLocation
    • trustStorePassword
    • keyStoreLocation
    • keyStorePassword
  4. Put trust store and key store in project src/main/resources folder
  5. Adjust the Kafka and SASL specific settings
    • bootstrapServers: this should be provided by Kafka management team, it has to match the Kafka advertised SASL_SSL hostname and port
    • groupId: this should be provided by Kafka management team
    • username: this should be provided by Kafka management team
    • password: this should be provided by Kafka management team

Disclaimer: the example on this KB is provided as a reference for your own usage and it's not part of the official Mule product so its use will be considered as a custom implementation made by the customer.
 
Knowledge-artikelnummer

001117204

 
Laddar
Salesforce Help | Article