USAGE: Use for JAAS Kerberos Plain Text
(def tcp-client (... create tcp client ...) (def c (jaas/jaas-login "KafkaClient")) (def sasl-client (jaas/sasl-client c (jaas/principal-name c) broker-host)) (jaas/sasl-handshake! tcp-client sasl-client timeout-ms)
System environment config must be set, see the project.clj file for this project. Properties required are:
-Djava.security.auth.login.config=/vagrant/vagrant/config/kafka_client_jaas.conf -Djava.security.krb5.conf=/vagrant/vagrant/config/krb5.conf
USAGE: Use for JAAS Kerberos Plain Text (def tcp-client (... create tcp client ...) (def c (jaas/jaas-login "KafkaClient")) (def sasl-client (jaas/sasl-client c (jaas/principal-name c) broker-host)) (jaas/sasl-handshake! tcp-client sasl-client timeout-ms) System environment config must be set, see the project.clj file for this project. Properties required are: -Djava.security.auth.login.config=/vagrant/vagrant/config/kafka_client_jaas.conf -Djava.security.krb5.conf=/vagrant/vagrant/config/krb5.conf
(as-hex bts)
(handshake-loop! conn sasl-client timeout-ms)
(handshake-request! conn)
SaslHandshake API (Key: 17)
SaslHandshake API (Key: 17) 1. SizeInBytes => int16 2. api_key => INT16 (0) 17 3. api_version => INT16 (0) 4. correlation_id => INT32 5. client_id => NULLABLE_STRING 6. mechanism => String "GSSAPI" or "PLAIN";
(handshake-response! conn timeout-ms)
;Response:
;Response: 1. SizeInBytes => int16 2. correlation_id => INT32 3. error_code => INT16 0 => None, 34 => InvalidSaslState, 35 => UnsupportedVersion 4. enabled_mechanisms => [STRING]
(jaas-expire-time ctx)
For all KerberosTicket(s) in the LoginContext the min auth time value is returned
For all KerberosTicket(s) in the LoginContext the min auth time value is returned
(jaas-expired? ctx)
True if the expire time is withing 30 seconds of the current time
True if the expire time is withing 30 seconds of the current time
(jaas-login jaas-name)
(jaas-logout ctx)
(kafka-service-name conf)
Search for sasl.kerberos.service.name is defined in either conf, System.properties its used, otherwise the default kafka name is used
Search for sasl.kerberos.service.name is defined in either conf, System.properties its used, otherwise the default kafka name is used
(principal-name ctx)
Return the unparsed principal name e.g kafka/broker1.kafkafast@KAFKAFAST A context can have multiple principals, this method returns the first principal found
Return the unparsed principal name e.g kafka/broker1.kafkafast@KAFKAFAST A context can have multiple principals, this method returns the first principal found
(readp-resp conn timeout-ms)
(sasl-client conf ctx host)
See https://docs.oracle.com/javase/8/docs/api/javax/security/sasl/Sasl.html servicePrincipal: should be in the format kafka/{host} see kafka-principal-name host: the kafka broker
See https://docs.oracle.com/javase/8/docs/api/javax/security/sasl/Sasl.html servicePrincipal: should be in the format kafka/{host} see kafka-principal-name host: the kafka broker
(sasl-handshake! conn
sasl-client
timeout-ms
&
{:keys [kafka-version] :or {kafka-version "0.10.0"}})
client: kafka-clj/tcp client sasl-client: jaas/sasl-client timeout-ms: timeout in milliseconds
client: kafka-clj/tcp client sasl-client: jaas/sasl-client timeout-ms: timeout in milliseconds
(send-read-data conn client-resp should-read timeout-ms)
Write [int size][client-resp] then read [int size][server resp]
Write [int size][client-resp] then read [int size][server resp]
(timeout? timeout-ms current-ms)
(with-auth ctx f)
cljdoc is a website building & hosting documentation for Clojure/Script libraries
× close