kafka-jira mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (KAFKA-4764) Improve diagnostics for SASL authentication failures
Date Fri, 15 Sep 2017 16:19:00 GMT

    [ https://issues.apache.org/jira/browse/KAFKA-4764?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16168105#comment-16168105

ASF GitHub Bot commented on KAFKA-4764:

Github user asfgit closed the pull request at:


> Improve diagnostics for SASL authentication failures
> ----------------------------------------------------
>                 Key: KAFKA-4764
>                 URL: https://issues.apache.org/jira/browse/KAFKA-4764
>             Project: Kafka
>          Issue Type: Improvement
>          Components: security
>    Affects Versions:
>            Reporter: Rajini Sivaram
>            Assignee: Rajini Sivaram
>             Fix For: 1.0.0
> At the moment, broker closes the client connection if SASL authentication fails. Clients
see this as a connection failure and do not get any feedback for the reason why the connection
was closed. Producers and consumers retry, attempting to create successful connections, treating
authentication failures as transient failures. There are no log entries on the client-side
which indicate that any of these connection failures were due to authentication failure.
> This JIRA will aim to improve diagnosis of authentication failures with the changes described
in [KIP-152|https://cwiki.apache.org/confluence/display/KAFKA/KIP-152+-+Improve+diagnostics+for+SASL+authentication+failures].
> This JIRA also does not change handling of SSL authentication failures. javax.net.debug
provides sufficient diagnostics for this case. SSL changes are harder to do while preserving
backward compatibility.

This message was sent by Atlassian JIRA

View raw message