kafka-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christian <engr...@gmail.com>
Subject Kafka SASL_PLAINTEXT and authentication/authorization backend failure
Date Thu, 19 Jan 2017 18:37:12 GMT
I have successfully gotten SASL_PLAINTEXT configured on Kafka cluster. We
implemented our own LoginModule and Server with the following caveat that I
am guessing I am doing something wrong.

The LoginModule's login method acquires a session id from an internal
security system and populates the subject with the relevant information. In
the server evaluateResponse we then validate that session.  On success,
everything is great. However, when the evaulateResponse returns with a
failure (throws an exception), the producer client just hangs when sending
a message until the configured timeout occurs. Interestingly enough, we see
the evaulateResponse method is getting called about every second until the
the producer client finally times out.

We get this same behavior when using the PlainLoginModule provided with
Kafka after changing the password on the client side to something different
from the server side.

Is this expected behavior?


  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message