Tutorial

Admin setup

Each of the three admin interfaces (the pulsar-admin CLI tool, the REST API, and the Java admin API) requires some special setup if you have enabled authentication in your Pulsar instance.

  • pulsar-admin
  • REST API
  • Java

If you have enabled authentication, you need to provide an auth configuration to use the pulsar-admin tool. By default, the configuration for the pulsar-admin tool is in the conf/client.conf file. The following are the available parameters:

NameDescriptionDefault
webServiceUrlThe web URL for the cluster.http://localhost:8080/
brokerServiceUrlThe Pulsar protocol URL for the cluster.pulsar://localhost:6650/
authPluginThe authentication plugin.
authParamsThe authentication parameters for the cluster, as a comma-separated string.
useTlsWhether or not TLS authentication will be enforced in the cluster.false
tlsAllowInsecureConnectionAccept untrusted TLS certificate from client.false
tlsTrustCertsFilePathPath for the trusted TLS certificate file.

You can find details for the REST API exposed by Pulsar brokers in the REST API doc.

If you want to test REST APIs in postman, you can use the REST API JSON files here.

To use the Java admin API, instantiate a PulsarAdmin object, and specify a URL for a Pulsar broker and a PulsarAdminBuilder object. The following is a minimal example using localhost.

  1. String url = "http://localhost:8080";
  2. // Pass auth-plugin class fully-qualified name if Pulsar-security enabled
  3. String authPluginClassName = "com.org.MyAuthPluginClass";
  4. // Pass auth-param if auth-plugin class requires it
  5. String authParams = "param1=value1";
  6. boolean tlsAllowInsecureConnection = false;
  7. String tlsTrustCertsFilePath = null;
  8. PulsarAdmin admin = PulsarAdmin.builder()
  9. .authentication(authPluginClassName,authParams)
  10. .serviceHttpUrl(url)
  11. .tlsTrustCertsFilePath(tlsTrustCertsFilePath)
  12. .allowTlsInsecureConnection(tlsAllowInsecureConnection)
  13. .build();

If you use multiple brokers, you can use multi-host like Pulsar service. For example,

  1. String url = "http://localhost:8080,localhost:8081,localhost:8082";
  2. // Below are the same to the line 2 - line 13 in the code snippet above
  3. // Pass auth-plugin class fully-qualified name if Pulsar-security enabled
  4. String authPluginClassName = "com.org.MyAuthPluginClass";
  5. // Pass auth-param if auth-plugin class requires it
  6. String authParams = "param1=value1";
  7. boolean tlsAllowInsecureConnection = false;
  8. String tlsTrustCertsFilePath = null;
  9. PulsarAdmin admin = PulsarAdmin.builder()
  10. .authentication(authPluginClassName,authParams)
  11. .serviceHttpUrl(url)
  12. .tlsTrustCertsFilePath(tlsTrustCertsFilePath)
  13. .allowTlsInsecureConnection(tlsAllowInsecureConnection)
  14. .build();