kafka-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Gibson, Todd" <Todd.Gib...@earlywarning.com>
Subject Bug in KafkaLog4jAppender Kerberos support
Date Thu, 12 May 2016 16:14:15 GMT
I apologize if this is the wrong place to report bugs...

And I'm not sure this is really a bug, just an improvement that would make my life easier.

The code below was added to the KafkaLog4jAppender in version 10.0.0 to support Kerberos.
 I think the null check for clientJaasConfPath should be moved, similar to how kerb5ConfPath
is handled.  The reason is that clientJaasConfPath is only used to set the java.security.auth.login.config
system property, which can also be set elsewhere (JVM option, other code).  If the system
property has already been set, I see no reason to require it to be specified again in the
log4j properties.

        if (securityProtocol != null && securityProtocol.contains("SASL") &&
saslKerberosServiceName != null && clientJaasConfPath != null) {
            props.put(SASL_KERBEROS_SERVICE_NAME, saslKerberosServiceName);
            System.setProperty("java.security.auth.login.config", clientJaasConfPath);
            if (kerb5ConfPath != null) {
                System.setProperty("java.security.krb5.conf", kerb5ConfPath);
            }
        }

Was there a reason for requiring it here?

Thanks,

Todd Gibson

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message