Fwd: Authentication issues using cyrus-sasl from librdkafka on CentOSVM with Kerberos

Ken Hornstein kenh at cmf.nrl.navy.mil
Fri Jan 12 14:54:32 EST 2018


>I have a hard time troubleshooting an error. I posted the issue
>already here (https://github.com/edenhill/librdkafka/issues/1630) and
>here (https://github.com/cyrusimap/cyrus-sasl/issues/501), but to no
>avail.

It might be helpful to describe what the underlying Kerberos implementation
is on the server side.  The key error is "Matching credential not found";
you can ignore everything else.

I know nothing about kafka, in terms of who is a client or server, but ...
you posted this config file snippet:

'sasl.kerberos.service.name': 'kafka',
'sasl.kerberos.principal': 'user at principal,
'sasl.kerberos.keytab': keytab_file,

Are you sure 'user at principal' is correct?  If that's on the server side,
that would strike me as unlikely (not knowing the details of Kafka).

--Ken


More information about the Kerberos mailing list