Categories
discuss

Unexpected Kafka request of type METADATA during SASL handshake

I am trying to connect Kafka Java Client to a Kafka broker using SASL Plain. But when I try to send a message from the Producer, the Kafka Server logs the following error: [2020-04-30 14:48:14,955] …

I am trying to connect Kafka Java Client to a Kafka broker using SASL Plain. But when I try to send a message from the Producer, the Kafka Server logs the following error:

[2020-04-30 14:48:14,955] INFO [SocketServer brokerId=0] Failed authentication with /127.0.0.1 (Unexpected Kafka request of type METADATA during SASL handshake.) (org.apache.kafka.common.network.Selector)

By the looks, the producer tries to send a metadata request, before the SASL handshake. How can I do the handshake before sending the message?

Following is my kafka_server_jaas.conf file, which is used for Kafka Server.

KafkaServer {
    org.apache.kafka.common.security.plain.PlainLoginModule required
    username="admin"
    password="admin-secret"
    user_admin="admin-secret";
};

Client {
    org.apache.kafka.common.security.plain.PlainLoginModule required
    username="admin"
    password="admin-secret";
};

Following is my zookeeper_jaas.conf file, which is used for the zookeeper:

Server {
    org.apache.kafka.common.security.plain.PlainLoginModule required
    username="admin"
    password="admin-secret"
    user_admin="admin-secret";
};

In my Java producer, I set the following properties:

Properties properties = new Properties();
properties.put("bootstrap.servers", "localhost:9092");
properties.put("sasl.jaas.config", "org.apache.kafka.common.security.plain.PlainLoginModule required username="admin" password="admin_secret"");
properties.put("sasl.mechanisms", "PLAIN");
properties.put("value.serializer", "org.apache.kafka.common.serialization.StringSerializer");
KafkaProducer kafkaProducer = new KafkaProducer(properties);

Is there anything wrong I am doing?

Answer

You need to specify security.protocol, otherwise by default, Kafka clients do not use SASL.

In your client properties, add:

properties.put("security.protocol", "SASL_SSL");

There’s also SASL_PLAINTEXT but it’s not recommended to use the PLAIN mechanism over SASL_PLAINTEXT as effectively the password will be exchanged in cleartext.

Source: stackoverflow
Text is available under the Creative Commons Attribution-ShareAlike License; additional terms may apply. By using this site, you agree to the Privacy Policy, and Copyright Policy. Content is available under CC BY-SA 3.0 unless otherwise noted. The answers/resolutions are collected from stackoverflow, are licensed under cc by-sa 2.5 , cc by-sa 3.0 and cc by-sa 4.0 © No Copyrights, All Questions are retrived from public domain..