Kerberos authentication

When the DataStax cluster has Kerberos authentication enabled configure Kerberos settings for DataStax Apache Kafka™ Connector.

When the DataStax cluster has Kerberos authentication enabled, configure these authentication settings.

Note: When authorization is enabled, the DataStax connector login role must have a minimum of modify privileges on tables receiving data from the DataStax Apache Kafka™ Connector.

Parameters

auth.provider=GSSAPI
auth.gssapi.keyTab=path_to_keytab
auth.gssapi.principal=connectorPrincipal/hostname@EXAMPLE.com
auth.gssapi.service=dse
auth.provider
Select the type of authentication provider configured for the DataStax cluster.
  • None - No authentication.
  • DSE - Internal or LDAP authentication.
  • GSSAPI - Supports SASL authentication to DSE clusters using the GSSAPI mechanism (Kerberos authentication)
    Note: When using the GSSAPI, the Kafka Connect process requires that the Kerberos configuration file (krb5.conf) location is provided in the java.security.krb5.conf system property at startup. See Using the DataStax Apache Kafka Connector with Kerberos.

Default: None

auth.gssapi.keyTab
Path to the Kerberos key tab file.
auth.gssapi.principal
Kerberos principal name. Specifying the principal explicitly to the connector is required if there are multiple principals that have valid tickets in the ticket cache. Prevents the connector from arbitrarily choosing one.
auth.gssapi.service
SASL service name to use for GSSAPI provider authentication.

Default: dse