Route via Kafka Assertion
The Route via Kafka assertion enables the policy to route gateway messages to known Kafka clusters topic.
Route via Kafkaassertion enables the policy to route gateway messages to known Kafka clusters topic.
Using the Assertion
To add an assertion, refer to Adding an Assertion for instructions on adding this assertion from
- Right-click "Route via Kafka" in the policy window and then selectKafka Routing Propertiesor double-click the assertion in the policy window.The assertion properties are displayed.
- Configure properties in theTargettab:
- Choose the Kafka client from theClientdrop-down list. The drop-down list includes all the Kafka client configurations that are enabled in the Manage Kafka Clients Configurations dialog. You must configure at least one Kafka client configuration before using this assertion.
- TheTopicfield specifies the name of the topic that is defined in the Kafka cluster.
- (Optional) ThePartitionfield specifies the logical grouping of stream for a given Topic. It is a number.
- (Optional) TheKeyfield specifies the logical identifier for the record in a stream. This identifier is unique in a Topic.
- TheWait for ACKcheckbox specifies if the assertion must wait for an acknowledgement. If the assertion does not receive an acknowledgment in the specified time, it falsifies the assertion.Default:Checked
- (Optional) Specify theTimeoutvalue in milliseconds for the assertion to wait for an acknowledgement. The default value is configured in the cluster property,kafka.routing.ackTimeout.
- (Optional) Change the prefix value to add to the context variables created by this assertion in theVariable Prefixfield, if needed. The default prefix value iskafkaRouting.
- Configure properties in theRequesttab:
- Choose the request source from theMessage Sourcedrop-down list. This is the message to send as the outbound request. It is normally theRequestmessage, but you can select a Message context variable that has been defined in the current context.
- Select thePassthrough Headerscheckbox to include all headers from the message source. If this checkbox is selected, all the message headers are included with the Kafka record. Content-Type header is included irrespective of the checkbox selection.
- Specify how to handle the security header in theCurrent WSS header handlingsection:
- Don't modify the request Security header: Instructs the Gateway to leave the security header in the outgoing SOAP request message as-is. The security header in the request may still have been modified if the Gateway needed to decrypt any encrypted material during message processing.Use this setting if the protected service must check the original security header in the request. Also use this setting if it does not matter to the protected service whether the request messages have a security header.For best performance, use this setting whenever possible to minimize the amount of per-request message modification.Note:Do not modify the Security header if the policy uses WS-Security.
- Remove Layer 7 actor and mustUnderstand attributes from processed Security header: Instructs the Gateway to remove the "mustUnderstand" attribute and 'Layer 7' actor from the security header in the outgoing SOAP message.Use this setting if the presence of the Layer 7 actor causes issues with the back-end service. In certain cases, this actor may cause the back-end service to ignore the Security headers because it believes it is addressed to someone else. You will also use this setting if the back-end service does not support Security and will reject a request with "mustUnderstand" asserted on the Security header.An alternative might be to remove the Security header completely. However, doing so incurs a performance penalty because of the extra processing that is required to remove these from the messages. You may want to keep the Security headers intact for logging purposes.
- Remove processed Security header from request before routing: Instructs the Gateway to remove any security header that was processed by the gateway before forwarding the request to the protected service.Use this setting when the protected service is not expecting security headers in the forwarded SOAP requests.
Wait for ACKcheckbox is selected in the assertion, the assertion populates the following variables with details of the delivered record:
Returns the record’s offset in the Kafka cluster stream.
Returns the partition to which the delivered record belongs to.
Returns the record creation time.
Specifies the timeout value in milliseconds that the
Route via Kafkaassertion waits for the acknowledgement from the back end Kafka server.