[
https://issues.apache.org/jira/browse/KAFKA-6091?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16211873#comment-16211873
]
Vahid Hashemian commented on KAFKA-6091:
----------------------------------------
Is this a duplicate of
[KAFKA-5854|https://issues.apache.org/jira/browse/KAFKA-5854]?
> Authorization API is called hundred's of times when there are no privileges
> ---------------------------------------------------------------------------
>
> Key: KAFKA-6091
> URL: https://issues.apache.org/jira/browse/KAFKA-6091
> Project: Kafka
> Issue Type: Bug
> Components: security
> Affects Versions: 0.11.0.0
> Reporter: kalyan kumar kalvagadda
>
> This issue is observed with kafka/sentry integration. When sentry does not
> have any permissions for a topic and there is a producer trying to add a
> message to a topic, sentry returns failure but Kafka is not able to handle it
> properly and is ending up invoking sentry Auth API ~564 times. This will
> choke authorization service.
> Here are the list of privileges that are needed for a producer to add a
> message to a topic
> In this example "192.168.0.3" is hostname and topic name is "tOpIc1"
> {noformat}
> HOST=192.168.0.3->Topic=tOpIc1->action=DESCRIBE
> HOST=192.168.0.3->Cluster=kafka-cluster->action=CREATE
> HOST=192.168.0.3->Topic=tOpIc1->action=WRITE
> {noformat}
> This problem is reported in this jira is seen when there are no permissions.
> Movement a DESCRIBE permission is added, this issue is not seen.
> Authorization fails but kafka doesn't bombard with he more requests.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
