kafka-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Schwilk David (IOC/PAP-TH)" <David.Schw...@bosch.io.INVALID>
Subject Kafka-client 2.5.0 connection to Azure Event Hub authentication failure
Date Fri, 07 Aug 2020 08:05:52 GMT
Hello,

When trying to connect our Kafka client to an Azure Event Hub via SASL_SSL we encounter an
error in the authentication process.

IllegalSaslStateException: Invalid SASL mechanism response, server may be expecting a different
protocol at 2020-08-07T05:03:16.072637487Z,
trace: org.apache.kafka.common.errors.IllegalSaslStateException: Invalid SASL mechanism response,
server may be expecting a different protocol Caused by:
org.apache.kafka.common.protocol.types.SchemaException: Error reading field auth_bytes: Bytes
size -1 cannot be negative at
org.apache.kafka.common.protocol.types.Schema.read(Schema.java:110) at
org.apache.kafka.common.protocol.ApiKeys.parseResponse(ApiKeys.java:313) at
org.apache.kafka.clients.NetworkClient.parseStructMaybeUpdateThrottleTimeMetrics(NetworkClient.java:725)
at
org.apache.kafka.clients.NetworkClient.parseResponse(NetworkClient.java:712) at
org.apache.kafka.common.security.authenticator.SaslClientAuthenticator.receiveKafkaResponse(SaslClientAuthenticator.java:523)
at
org.apache.kafka.common.security.authenticator.SaslClientAuthenticator.receiveToken(SaslClientAuthenticator.java:457)
at
org.apache.kafka.common.security.authenticator.SaslClientAuthenticator.authenticate(SaslClientAuthenticator.java:266)
at
org.apache.kafka.common.network.KafkaChannel.prepare(KafkaChannel.java:177) at
org.apache.kafka.common.network.Selector.pollSelectionKeys(Selector.java:547) at
org.apache.kafka.common.network.Selector.poll(Selector.java:485) at
org.apache.kafka.clients.NetworkClient.poll(NetworkClient.java:549) at
org.apache.kafka.clients.producer.internals.Sender.runOnce(Sender.java:324) at
org.apache.kafka.clients.producer.internals.Sender.run(Sender.java:239) at
java.base/java.lang.Thread.run(Thread.java:836)

It seems like auth_bytes is incorrect in the token response from Event Hub.
Previously when using the client 2.1.1 the connections were working.
The sasl configuration with which we’re connecting seems correct to me and was working on
the 2.1.1 client as well:

bootstrap.servers=XXX.servicebus.windows.net:9093
security.protocol=SASL_SSL
sasl.mechanism=PLAIN
sasl.jaas.config=org.apache.kafka.common.security.plain.PlainLoginModule required username="$ConnectionString"
password="Endpoint=sb://XXXX.servicebus.windows.net/;SharedAccessKeyName=RootManageSharedAccessKey;SharedAccessKey=**************************";

Were there some changes since 2.1.1, which could cause something like that?/ Is this error
known to you?

Best regards
David Schwilk

Bosch IoT Things- Product Area IoT Platform (IOC/PAP-TH)
Bosch.IO GmbH | Ziegelei 7 | 88090 Immenstaad | GERMANY | www.bosch.io
David.Schwilk@bosch-si.com<mailto:David.Schwilk@bosch-si.com>

Sitz: Berlin, Registergericht: Amtsgericht Charlottenburg; HRB 148411 B
Aufsichtsratsvorsitzender: Dr.-Ing. Thorsten Lücke; Geschäftsführung: Dr. Stefan Ferber,
Dr. Aleksandar Mitrovic, Yvonne Reckling

​
Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message