Jason Gustafson created KAFKA-8530:
--------------------------------------
Summary: Consumer should handle authorization errors in OffsetFetch
Key: KAFKA-8530
URL: https://issues.apache.org/jira/browse/KAFKA-8530
Project: Kafka
Issue Type: Bug
Components: consumer
Reporter: Jason Gustafson
Assignee: Jason Gustafson
Found this in a test failure:
{code:java}
10:40:43 kafka.api.PlaintextEndToEndAuthorizationTest >
testNoConsumeWithoutDescribeAclViaSubscribe FAILED
10:40:43 java.lang.Exception: Unexpected exception,
expected<org.apache.kafka.common.errors.TopicAuthorizationException> but
was<org.apache.kafka.common.KafkaException>
10:40:43
10:40:43 Caused by:
10:40:43 org.apache.kafka.common.KafkaException: Unexpected error in fetch
offset response for partition e2etopic-0: Not authorized to access topics:
[Topic authorization failed.]{code}
The problem is that we are not checking for authorization errors in the offset
fetch response. Rather than throwing {{TopicAuthorizationException}}, we
currently raise a plain {{KafkaException}}. The test case works most of the
time because we usually see the authorization error when the first Metadata
request is sent. It's unclear why that didn't happen here. Possibly there is a
race condition setting the initial ACLs.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
