Details
Description
AdminClient.createAcls() call without "User:" prefix for principal fails with "org.apache.kafka.common.errors.UnknownServerException: The server experienced an unexpected error when processing the request." error, that says nothing about what is wrong
AdminClient properties:
String host = "172.17.157.212:9092";
adminClientProperties = new Properties();
adminClientProperties.put(AdminClientConfig.BOOTSTRAP_SERVERS_CONFIG, host);
adminClientProperties.put(AdminClientConfig.SECURITY_PROTOCOL_CONFIG, "SASL_SSL");
// SSL configuration
adminClientProperties.put(SslConfigs.SSL_KEYSTORE_LOCATION_CONFIG,
Paths.get(getClass().getResource("/client.keystore.jks").toURI()).toString());
adminClientProperties.put(SslConfigs.SSL_KEYSTORE_PASSWORD_CONFIG, "123456");
adminClientProperties.put(SslConfigs.SSL_KEY_PASSWORD_CONFIG, "123456");
adminClientProperties.put(SslConfigs.SSL_TRUSTSTORE_LOCATION_CONFIG,
Paths.get(getClass().getResource("/client.truststore.jks").toURI()).toString());
adminClientProperties.put(SslConfigs.SSL_TRUSTSTORE_PASSWORD_CONFIG, "123456");
// SASL configuration
adminClientProperties.put(SaslConfigs.SASL_MECHANISM, "SCRAM-SHA-512");
adminClientProperties.put(SaslConfigs.SASL_JAAS_CONFIG,
"org.apache.kafka.common.security.scram.ScramLoginModule required username=\"admin\" password=\"admin-secret\";");
Create ACLs call without "User:" prefix for principal:
try (Admin adminClient = Admin.create(adminClientProperties))
{ ResourcePattern resourcePattern = new ResourcePattern(ResourceType.TOPIC, pTopicName, PatternType.LITERAL); AccessControlEntry accessControlEntry = new AccessControlEntry(pPrincipal_name, host, AclOperation.READ, AclPermissionType.ALLOW); AclBinding aclBinding = new AclBinding(resourcePattern, accessControlEntry); CreateAclsResult createAclsResult = adminClient.createAcls(Arrays.asList(aclBinding)); KafkaFuture<Void> future = createAclsResult.all(); future.get(); }catch (Exception e)
{ System.out.println(e.getMessage()); throw new Exception(); }fails:
org.apache.kafka.common.errors.UnknownServerException: The server experienced an unexpected error when processing the request.
Create ACLs call with "User:" prefix for principal works fine:
try (Admin adminClient = Admin.create(adminClientProperties)) {
ResourcePattern resourcePattern = new ResourcePattern(ResourceType.TOPIC, pTopicName, PatternType.LITERAL);
AccessControlEntry accessControlEntry = new AccessControlEntry("User:" + pPrincipal_name,
host, AclOperation.READ, AclPermissionType.ALLOW);
AclBinding aclBinding = new AclBinding(resourcePattern, accessControlEntry);
CreateAclsResult createAclsResult = adminClient.createAcls(Arrays.asList(aclBinding));
KafkaFuture<Void> future = createAclsResult.all();
future.get();
}catch (Exception e){ System.out.println(e.getMessage()); throw new Exception(); }