1 增加安全认证配置文件 config/zookeeper_server_jaas.conf [root@xxx  kafka_2.12-2.3.1]# touch zookeeper_server_jaas.conf [root@xxx  kafka_2.12-2.3.1]# vi zookeeper_server_jaas.conf  Server{     org.apache.kafka.common.security.plain.PlainLoginModule required     username="admin"     password="admin@123"     user_kafka="kafka#123"; };

2 增加配置 zookeeper.properties [root@hz-gd-dev-td-199-12-189 config]# vi zookeeper.properties authProvider.1=org.apache.zookeeper.server.auth.SASLAuthenticationProvider requireClientAuthScheme=sasl jaasLoginRenew=3600000

3  修改zookeeper-server-start.sh  增加KAFKA_OPTS配置  [root@hz-gd-sjfx-fpjs-199-12-128 config]# vi bin/zookeeper-server-start.sh  # limitations under the License. 放在配置文件开头  export KAFKA_OPTS="-Djava.security.auth.login.config=/kafka/kafka_2.12-2.3.1/config/zookeeper_server_jaas.conf"  4 重启zookeeper实例       bin/zookeeper-server-start.sh config/zookeeper.properties  5、在各个节点分别执行如上操作

1 增加安全认证配置文件 config/kafka_server_jaas.conf [root@xxx  kafka_2.12-2.3.1]# touch kafka_server_jaas.conf [root@xxx  kafka_2.12-2.3.1]# vi kafka_server_jaas.conf  ZkClient{  org.apache.kafka.common.security.plain.PlainLoginModule required  username="kafka"  password="kafka@123"; };2 增加配置 server.properties  #开启zookeeper ACL验证  zookeeper.set.acl=true

3 修改 kafka-server-start.sh 增加KAFKA_OPTS配置 # limitations under the License. 放在配置文件开头 export KAFKA_OPTS=" -Dzookeeper.sasl.client=true -Dzookeeper.sasl.clientconfig=ZkClient -Dzookeeper.sasl.client.username=kafka  -Djava.security.auth.login.config=/kafka/kafka_2.12-2.3.1/config/kafka_server_jaas.conf" 

4 重启kafka服务

bin/kafka-server-start.sh config/server.properties

 java.lang.SecurityException: zookeeper.set.acl is true, but the verification of the JAAS login file failed Kafka启动是没有配置JAAS登录文件，即java.security.auth.login.config参数没有设置。 配置文件没有正确配置参数值，没有找到能够使用的Client来获取用户名密码信息进行登陆。