We are implementing a messaging solution using Kafka (version 0.8.2). Everything is fine except implementing security for Kafka Broker. Looks like anyone knowing the kafka host and port were able to publish and subscribe messages (kafka topic). Is there anyway to authenticate producer or consumer connections?
Any help would be greatly appreciated. Thanks all.
you can see https://github.com/blue20080/kafka . This project implement function "Add IP Filtering / Whitelists-Blacklists" , the issue about KAFKA-1810, for more details http://hadoop1989.com/2015/07/30/Upgrade-Kafka/
It's not supported right now but the change is scheduled for release with Kafka v0.8.3. See KAFKA-1690 for more details.
It's advised to use OAuth model for Kafka security as we do for web services. Kafka 2.x comes with this feature. For data security, you can use SSL encryption either Symmetric or Asymmetric as per your needs,
