kafka-jira mailing list archives

From "Ismael Juma (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (KAFKA-5945) Improve handling of authentication failures when credentials are removed
Date Wed, 20 Sep 2017 18:51:02 GMT

    [ https://issues.apache.org/jira/browse/KAFKA-5945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16173664#comment-16173664 ]

Ismael Juma commented on KAFKA-5945:
------------------------------------

I think there are 2 scenarios to consider:

1. Credentials were removed and the user no longer has access to the app. I think it would
be acceptable to throw the exception back to the user and consider it fatal. That is, the
user would have to restart the client to get going.

2. Credentials are being rotated. This is the more complicated case and we need a good solution
for it. This case is probably what motivates point 3 in the original description.

> Improve handling of authentication failures when credentials are removed
> ------------------------------------------------------------------------
>
>                 Key: KAFKA-5945
>                 URL: https://issues.apache.org/jira/browse/KAFKA-5945
>             Project: Kafka
>          Issue Type: Improvement
>          Components: clients
>    Affects Versions: 1.0.0
>            Reporter: Rajini Sivaram
>            Assignee: Rajini Sivaram
>             Fix For: 1.1.0
>
>
> KAFKA-5854 improves the handling of authentication failures. The scope of KAFKA-5854
> was limited to a specific scenario - provide better feedback to applications when security
> is misconfigured. The PR improves diagnostics for this scenario by throwing an AuthenticationException
> and also avoids retries. To enable this, the first request initiated by any public API was
> updated to throw authentication exceptions.
>
> This JIRA is for a more extensive handling of authentication exceptions which also includes
> proper handling of credential updates at any time. If a credential is removed, then we could
> see an authentication exception from any request and we want to propagate this properly. This
> needs quite extensive testing and is less likely to be hit by users, so it will be done later
> under this JIRA.
>
> The gaps that need covering are:
> 1. Ensure authentication failures are processed in the Network client for any request
> 2. Ensure metadata refresh failures are handled properly at any time
> 3. Heartbeat threads and other background threads should handle authentication failures.
> Threads should not terminate on failure, but should avoid retries until the application performs
> a new operation.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
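
Added example (not part of the original message and not Kafka client code): a small Java model of gap 3 in the description above, a background heartbeat that does not terminate on an authentication failure but stops retrying until the application performs a new operation. The class HeartbeatAuthGate, its methods and the AuthFailure exception are hypothetical names, and the credential state in main is constructed sample data.

```java
import java.util.function.BooleanSupplier;

/** Model of gap 3: a heartbeat that survives an authentication failure but stops retrying. */
public class HeartbeatAuthGate {
    static class AuthFailure extends RuntimeException {
        AuthFailure(String m) { super(m); }
    }

    private final BooleanSupplier authenticate; // hypothetical stand-in for a broker handshake
    private AuthFailure pending;                // failure waiting to be reported to the application
    private boolean suspended;                  // true: heartbeat skips its attempts
    int attempts;                               // handshakes actually sent

    HeartbeatAuthGate(BooleanSupplier authenticate) { this.authenticate = authenticate; }

    /** Called by the background thread on every interval; never throws, so the thread stays alive. */
    synchronized void heartbeat() {
        if (suspended) return;                  // no retry until the application acts
        tryAuthenticate();
    }

    /** Called from a public API method: re-arms one attempt and reports a failure to the caller. */
    synchronized void applicationOperation() {
        suspended = false;
        pending = null;
        tryAuthenticate();
        if (pending != null) throw pending;
    }

    private void tryAuthenticate() {
        attempts++;
        if (!authenticate.getAsBoolean()) {
            suspended = true;
            pending = new AuthFailure("authentication failed");
        }
    }

    public static void main(String[] args) {
        boolean[] credentialValid = {true};     // constructed sample state
        HeartbeatAuthGate gate = new HeartbeatAuthGate(() -> credentialValid[0]);
        gate.heartbeat();                       // handshake succeeds
        credentialValid[0] = false;             // credential removed on the broker side
        gate.heartbeat();                       // handshake fails, heartbeat suspends itself
        for (int i = 0; i < 100; i++) gate.heartbeat(); // all skipped: no retry storm
        try { gate.applicationOperation(); }    // one new attempt, failure reaches the caller
        catch (AuthFailure e) { System.out.println("application saw: " + e.getMessage()); }
        credentialValid[0] = true;              // credential valid again
        gate.applicationOperation();            // succeeds, heartbeat is re-armed
        gate.heartbeat();
        System.out.println("handshakes sent: " + gate.attempts);
    }
}
```

The count of handshakes sent is the thing to watch: the hundred heartbeat ticks after the failure add nothing to it, which is what keeps a revoked credential from turning into a stream of failed logins against the broker.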
