REST Proxy Security Plugins
Confluent REST Proxy allows producing and consuming messages of different formats
through a REST interface. The security plugin provides the capability to
authenticate an incoming request, build the principal, and then propagate the
same requests to Apache Kafka® using the configured security mechanism. The
authorization is enforced through Kafka ACLs, which provide granular access
controls based on Kafka’s ACL implementation (such as limiting access to topics,
in which case the client principal is propagated to Kafka and has the same
access as if connected with that principal in any other client).
This software is available under a
Confluent enterprise license. You can use
this software for a 30-day trial period without a license key. If you are a subscriber, please contact
Confluent Support at email@example.com for more information.
The Confluent security plugins are an extension to Confluent Platform components. The security plugins are installed by default if you are
using ZIP and TAR archives, but must be installed manually if you are using DEB or RPM packages.
The default location for the Confluent REST Proxy Security Plugins is:
ZIP and TAR Archives
If you installed Confluent Platform by using ZIP or TAR archives, the security plugins are installed by
default and are located in
<path-to-confluent>/share/java/ in the individual component directories.
Ubuntu and Debian
If you installed Confluent Platform in a Ubuntu or Debian environment, you must install the plugins
separately with this command:
sudo apt-get update && sudo apt-get install confluent-security
After the installation is complete, you must add the following configuration in
the Confluent REST Proxy configuration file (
to activate the plugins.
Fully qualified class name of a valid implementation of the interface RestResourceExtension.
This can be used to inject user defined resources like filters. Typically used to add custom
capability like logging, security, etc
- Type: string
- Default: “”
- Importance: low
For information on how to leverage the REST Proxy Security Plugins to propagate credentials from REST Proxy
to Kafka brokers, see REST Proxy Credentials Propagation.