Kerberos authentication

When the cluster has Kerberos authentication enabled configure Kerberos settings for DataStax Apache Kafka™ Connector.

When the cluster has Kerberos authentication enabled, configure these authentication settings.

Note: When authorization is enabled, the DataStax connector login role must have a minimum of modify privileges on tables receiving data from the DataStax Apache Kafka® Connector.

Parameters

auth.provider=GSSAPI
auth.gssapi.keyTab=path_to_keytab
auth.gssapi.principal=connectorPrincipal/hostname@EXAMPLE.com
auth.gssapi.service=dse

auth.provider

Select the type of authentication provider configured for the DataStax cluster.

None - No authentication.
PLAIN - Internal or LDAP authentication.
GSSAPI - Supports SASL authentication to DSE clusters using the GSSAPI mechanism (Kerberos authentication)
Note: When using the GSSAPI, the Kafka Connect process requires that the Kerberos configuration file (krb5.conf) location is provided in the java.security.krb5.conf system property at startup. See Using the DataStax Apache Kafka Connector with Kerberos.

Default: None

auth.gssapi.keyTab

Path to the Kerberos key tab file.

auth.gssapi.principal

Kerberos principal name. Specifying the principal explicitly to the connector is required if there are multiple principals that have valid tickets in the ticket cache. Prevents the connector from arbitrarily choosing one.

auth.gssapi.service

SASL service name to use for GSSAPI provider authentication.

Default: dse