sleungtoast opened a new issue #4365: Authentication provider getAuthData called before initialization URL: https://github.com/apache/pulsar/issues/4365 **Describe the bug** When I wrote a custom authentication provider, I expected `.getAuthData()` to not be called before `.start()` was called. When I turned on TLS, it hit a codepath where that happened. **To Reproduce** Steps to reproduce the behavior: 1. Add an Authentication provider that throws an exception if `start()` has not been called. 2. Use a TLS broker url 3. Create a consumer 4. On consumer `build()`, the Authentication provider will throw the exception. **Expected behavior** Do not call `Authentication.getAuthData()` before `Authentication.start()` so the consumer starts up successfully. **Additional context** In a `PulsarClientImpl` constructor, a new `ConnectionPool` is created, then a new `PulsarChannelInitializer` is created, which has the following code that doesn't use my auth data anyway. ``` if (conf.isUseTls()) { // Set client certificate if available AuthenticationDataProvider authData = conf.getAuthentication().getAuthData(); if (authData.hasDataForTls()) { this.sslCtx = SecurityUtility.createNettySslContextForClient(conf.isTlsAllowInsecureConnection(), conf.getTlsTrustCertsFilePath(), (X509Certificate[]) authData.getTlsCertificates(), authData.getTlsPrivateKey()); } else { this.sslCtx = SecurityUtility.createNettySslContextForClient(conf.isTlsAllowInsecureConnection(), conf.getTlsTrustCertsFilePath()); } } else { this.sslCtx = null; } ```
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services
