Kafka - Security
You want to configure a Kafka client to use SASL_SSL with SCRAM-SHA-512 mechanism. Which of the following is the correct minimal configuration snippet in Java?
You want to configure a Kafka client to use SASL_SSL with SCRAM-SHA-512 mechanism. Which of the following is the correct minimal configuration snippet in Java?
hard📝 Application Q15 of 15
Step-by-Step Solution
Solution:
Step 1: Match security.protocol with SASL_SSL
To use encrypted SASL,security.protocolmust beSASL_SSL.Step 2: Confirm sasl.mechanism and JAAS config
For SCRAM-SHA-512,sasl.mechanismmust beSCRAM-SHA-512and JAAS config must useScramLoginModulewith username and password.Step 3: Eliminate incorrect options
props.put("security.protocol", "SSL"); props.put("sasl.mechanism", "SCRAM-SHA-512"); props.put("sasl.jaas.config", "org.apache.kafka.common.security.scram.ScramLoginModule required username=\"user\" password=\"pass\";"); usesSSLwithout SASL, C uses wrong mechanism and protocol, D uses PLAIN mechanism instead of SCRAM-SHA-512.Final Answer:
Correct SASL_SSL with SCRAM-SHA-512 and proper JAAS config -> Option AQuick Check:
SASL_SSL + SCRAM-SHA-512 + JAAS = props.put("security.protocol", "SASL_SSL"); props.put("sasl.mechanism", "SCRAM-SHA-512"); props.put("sasl.jaas.config", "org.apache.kafka.common.security.scram.ScramLoginModule required username=\"user\" password=\"pass\";"); [OK]
Quick Trick: Match protocol, mechanism, and JAAS module exactly [OK]
Common Mistakes:
- Using SSL instead of SASL_SSL
- Mismatching mechanism and JAAS module
- Using wrong SASL mechanism version
Master "Security" in Kafka
Want More Practice?
15+ quiz questions · All difficulty levels · Free
Free Signup - Practice All QuestionsMore Kafka Quizzes