@rajinisivaram Before I review, is it possible simply to mark the LoginModule as OPTIONAL in the case where it is one of multiple login modules on the broker side but it is not used for inter-broker communication? The Javadoc (https://docs.oracle.com/javase/7/docs/api/javax/security/auth/spi/LoginModule.html#commit()) says a return of false means the module is ignored, and I confirmed in the debugger that it is in fact the case (see, for example, https://github.com/frohoff/jdk8u-dev-jdk/blob/master/src/share/classes/javax/security/auth/login/LoginContext.java#L779). See also https://docs.oracle.com/javase/7/docs/api/javax/security/auth/login/Configuration.html where it says: > Optional - The LoginModule is not required to succeed. If it succeeds or > fails, authentication still continues to proceed down the LoginModule list.
[ Full content available at: https://github.com/apache/kafka/pull/5733 ] This message was relayed via gitbox.apache.org for devnull@infra.apache.org
