error accessing Kafka Cluster that is secured through SASL PLAINTEXT using KafkaTool

Question

So I have secured a kafka cluster through below security mechanism in server.properties and added respective kafka and zookeeper jaas.config files

security.inter.broker.protocol=SASL_PLAINTEXT
sasl.mechanism.inter.broker.protocol=PLAIN

and using below command to start the kafka tool

kafkatool -J -Djava.security.auth.login.config=client_jaas.config

where client_jaas.config consists of below content

sasl.mechanism=PLAIN
# Configure SASL_SSL if SSL encryption is enabled, otherwise configure SASL_PLAINTEXT
security.protocol=SASL_PLAINTEXT

sasl.jaas.config=org.apache.kafka.common.security.plain.PlainLoginModule required \
  username="admin" \
  password="password";

Kafkatool gets launched successfully cluster is being connected but when click on topic to see list of all the topic it gives me below error

Configured to use PLAINTTEXT but broker 0 does not support it.

Below is the content of the server_jaas.config file

KafkaServer {
  org.apache.kafka.common.security.plain.PlainLoginModule required
  username="admin"
  password="password"
  user_admin="password";
};

Client {
  org.apache.kafka.common.security.plain.PlainLoginModule required
  username="admin"
  password="password";
};

Below are the listeners details in the server.properties file

listeners=SASL_PLAINTEXT://0.0.0.0:9092
advertised.listeners=SASL_PLAINTEXT://:9092

If I see the full error log of kafaktool, of the output of command kafkatool -J-Djava.security.auth.login.config=client_jaas.config, below is what I see

01/Jun/2019 13:40:30.436 INFO  com.kafkatool.ui.MainApp - Starting application : Kafka Tool
01/Jun/2019 13:40:30.437 INFO  com.kafkatool.ui.MainApp - Version : 2.0.4
01/Jun/2019 13:40:30.437 INFO  com.kafkatool.ui.MainApp - Built : Feb 21, 2019
01/Jun/2019 13:40:30.438 INFO  com.kafkatool.ui.MainApp - user.home : /home/vivek
01/Jun/2019 13:40:30.438 INFO  com.kafkatool.ui.MainApp - user.dir : /opt/kafkatool2
01/Jun/2019 13:40:30.438 INFO  com.kafkatool.ui.MainApp - os.name : Linux
01/Jun/2019 13:40:30.438 INFO  com.kafkatool.ui.MainApp - java.runtime.version : 1.8.0_191-8u191-b12-2ubuntu0.18.04.1-b12
01/Jun/2019 13:40:30.439 INFO  com.kafkatool.ui.MainApp - max memory=1305 MB
01/Jun/2019 13:40:30.439 INFO  com.kafkatool.ui.MainApp - available processors=4
01/Jun/2019 13:40:30.440 INFO  com.kafkatool.ui.MainApp - java.security.auth.login.config=client_jaas.config
01/Jun/2019 13:40:30.443 INFO  com.kafkatool.ui.MainApp - java.security.auth.login.config exists = false
01/Jun/2019 13:40:30.449 INFO  com.kafkatool.common.ExternalDecoderManager - Finding plugins in directory /opt/kafkatool2/plugins
01/Jun/2019 13:40:30.449 INFO  com.kafkatool.common.ExternalDecoderManager - Found files in plugin directory, count=1
01/Jun/2019 13:40:30.450 INFO  com.kafkatool.ui.MainApp - Loading user settings
01/Jun/2019 13:40:30.497 INFO  com.kafkatool.ui.MainApp - Loading server group settings
01/Jun/2019 13:40:30.500 INFO  com.kafkatool.ui.MainApp - Loading server connection settings
01/Jun/2019 13:40:39.854 INFO  org.I0Itec.zkclient.ZkEventThread - Starting ZkClient event thread.
01/Jun/2019 13:40:39.862 INFO  org.apache.zookeeper.ZooKeeper - Client environment:zookeeper.version=3.3.3-1203054, built on 11/17/2011 05:47 GMT
01/Jun/2019 13:40:39.862 INFO  org.apache.zookeeper.ZooKeeper - Client environment:host.name=anakata
01/Jun/2019 13:40:39.863 INFO  org.apache.zookeeper.ZooKeeper - Client environment:java.version=1.8.0_191
01/Jun/2019 13:40:39.863 INFO  org.apache.zookeeper.ZooKeeper - Client environment:java.vendor=Oracle Corporation
01/Jun/2019 13:40:39.863 INFO  org.apache.zookeeper.ZooKeeper - Client environment:java.home=/usr/lib/jvm/java-8-openjdk-amd64/jre
01/Jun/2019 13:40:39.863 INFO  org.apache.zookeeper.ZooKeeper - Client environment:java.class.path=/opt/kafkatool2/.install4j/i4jruntime.jar:/opt/kafkatool2/lib/glazedlists.jar:/opt/kafkatool2/lib/gson-2.3.1.jar:/opt/kafkatool2/lib/jgoodies-common-1.6.0.jar:/opt/kafkatool2/lib/jgoodies-looks-2.5.3.jar:/opt/kafkatool2/lib/jide-oss.jar:/opt/kafkatool2/lib/jline.jar:/opt/kafkatool2/lib/jopt-simple.jar:/opt/kafkatool2/lib/kafka-clients.jar:/opt/kafkatool2/lib/kafka.jar:/opt/kafkatool2/lib/log4j.jar:/opt/kafkatool2/lib/lz4.jar:/opt/kafkatool2/lib/metrics-core.jar:/opt/kafkatool2/lib/netty.jar:/opt/kafkatool2/lib/ofjar.jar:/opt/kafkatool2/lib/quaqua.jar:/opt/kafkatool2/lib/scala-library.jar:/opt/kafkatool2/lib/scala-parser-combinators.jar:/opt/kafkatool2/lib/scala-xml.jar:/opt/kafkatool2/lib/slf4j-api.jar:/opt/kafkatool2/lib/slf4j-log4j12.jar:/opt/kafkatool2/lib/snappy.jar:/opt/kafkatool2/lib/zkclient.jar:/opt/kafkatool2/lib/zookeeper.jar
01/Jun/2019 13:40:39.864 INFO  org.apache.zookeeper.ZooKeeper - Client environment:java.library.path=/usr/java/packages/lib/amd64:/usr/lib/x86_64-linux-gnu/jni:/lib/x86_64-linux-gnu:/usr/lib/x86_64-linux-gnu:/usr/lib/jni:/lib:/usr/lib
01/Jun/2019 13:40:39.864 INFO  org.apache.zookeeper.ZooKeeper - Client environment:java.io.tmpdir=/tmp
01/Jun/2019 13:40:39.864 INFO  org.apache.zookeeper.ZooKeeper - Client environment:java.compiler=<NA>
01/Jun/2019 13:40:39.864 INFO  org.apache.zookeeper.ZooKeeper - Client environment:os.name=Linux
01/Jun/2019 13:40:39.865 INFO  org.apache.zookeeper.ZooKeeper - Client environment:os.arch=amd64
01/Jun/2019 13:40:39.865 INFO  org.apache.zookeeper.ZooKeeper - Client environment:os.version=4.15.0-48-generic
01/Jun/2019 13:40:39.865 INFO  org.apache.zookeeper.ZooKeeper - Client environment:user.name=vivek
01/Jun/2019 13:40:39.866 INFO  org.apache.zookeeper.ZooKeeper - Client environment:user.home=/home/vivek
01/Jun/2019 13:40:39.882 INFO  org.apache.zookeeper.ZooKeeper - Client environment:user.dir=/opt/kafkatool2
01/Jun/2019 13:40:39.884 INFO  org.apache.zookeeper.ZooKeeper - Initiating client connection, connectString=localhost:2181 sessionTimeout=30000 watcher=org.I0Itec.zkclient.ZkClient@60b5eeff
01/Jun/2019 13:40:39.917 INFO  org.apache.zookeeper.ClientCnxn - Opening socket connection to server localhost/127.0.0.1:2181
01/Jun/2019 13:40:39.927 INFO  org.apache.zookeeper.ClientCnxn - Socket connection established to localhost/127.0.0.1:2181, initiating session
01/Jun/2019 13:40:39.947 INFO  org.apache.zookeeper.ClientCnxn - Session establishment complete on server localhost/127.0.0.1:2181, sessionid = 0x100097569c60010, negotiated timeout = 30000
01/Jun/2019 13:40:39.949 INFO  org.I0Itec.zkclient.ZkClient - zookeeper state changed (SyncConnected)
01/Jun/2019 13:40:40.024 INFO  com.kafkatool.model.Broker - Parsing endpoint SASL_PLAINTEXT://anakata:9092
01/Jun/2019 13:40:40.025 INFO  com.kafkatool.model.KafkaMapper - Getting brokers from zookeeper, found 1
01/Jun/2019 13:40:40.025 INFO  org.I0Itec.zkclient.ZkEventThread - Terminate ZkClient event thread.
01/Jun/2019 13:40:40.044 INFO  org.apache.zookeeper.ZooKeeper - Session: 0x100097569c60010 closed
01/Jun/2019 13:40:40.044 INFO  org.apache.zookeeper.ClientCnxn - EventThread shut down
01/Jun/2019 13:40:40.046 ERROR com.kafkatool.model.Broker - Configured to use PLAINTEXT but broker 0 does not support it. Configured types {SASL_PLAINTEXT=BrokerEndpoint{protocol='SASL_PLAINTEXT', host='anakata', port=9092}}
01/Jun/2019 13:40:40.048 ERROR com.kafkatool.model.KafkaMapper - Error getting topics
java.lang.Exception: Configured to use PLAINTEXT but broker 0 does not support it.
    at com.kafkatool.model.Broker.getSecurityTypeConnectString(Broker.java:169)
    at com.kafkatool.model.KafkaMapper.getProperties(KafkaMapper.java:258)
    at com.kafkatool.model.KafkaMapper.getNewConsumer(KafkaMapper.java:1100)
    at com.kafkatool.model.KafkaMapper.getNewConsumer(KafkaMapper.java:1095)
    at com.kafkatool.model.KafkaMapper.getNewConsumer(KafkaMapper.java:1085)
    at com.kafkatool.model.KafkaMapper.getTopics(KafkaMapper.java:420)
    at com.kafkatool.model.ServerConnection.getTopics(ServerConnection.java:221)
    at com.kafkatool.model.ServerConnection.hasTopic(ServerConnection.java:203)
    at com.kafkatool.model.KafkaMapper.startPoller(KafkaMapper.java:105)
    at com.kafkatool.model.ServerConnection.connectInt(ServerConnection.java:336)
    at com.kafkatool.model.ServerConnection.connect(ServerConnection.java:315)
    at com.kafkatool.common.AsyncServerConnector.run(AsyncServerConnector.java:43)
    at java.lang.Thread.run(Thread.java:748)
01/Jun/2019 13:40:40.052 ERROR com.kafkatool.model.KafkaMapper - Error starting consumer offset poller
java.lang.Exception: Configured to use PLAINTEXT but broker 0 does not support it.
    at com.kafkatool.model.Broker.getSecurityTypeConnectString(Broker.java:169)
    at com.kafkatool.model.KafkaMapper.getProperties(KafkaMapper.java:258)
    at com.kafkatool.model.KafkaMapper.getNewConsumer(KafkaMapper.java:1100)
    at com.kafkatool.model.KafkaMapper.getNewConsumer(KafkaMapper.java:1095)
    at com.kafkatool.model.KafkaMapper.getNewConsumer(KafkaMapper.java:1085)
    at com.kafkatool.model.KafkaMapper.getTopics(KafkaMapper.java:420)
    at com.kafkatool.model.ServerConnection.getTopics(ServerConnection.java:221)
    at com.kafkatool.model.ServerConnection.hasTopic(ServerConnection.java:203)
    at com.kafkatool.model.KafkaMapper.startPoller(KafkaMapper.java:105)
    at com.kafkatool.model.ServerConnection.connectInt(ServerConnection.java:336)
    at com.kafkatool.model.ServerConnection.connect(ServerConnection.java:315)
    at com.kafkatool.common.AsyncServerConnector.run(AsyncServerConnector.java:43)

Answer 1

The comment line in your client_jaas.config does actually contain a clue on this:

Configure SASL_SSL if SSL encryption is enabled, otherwise configure SASL_PLAINTEXT

There seems to be a conflict in the 2 config settings you've provided.

In server.properties, you've mentioned:

security.inter.broker.protocol=SASL_PLAINTEXT

whereas in your client_jaas.config, you've mentioned:

security.protocol=SASL_SSL

Try changing this to SASL_PLAINTEXT.

Hope this helps!