vladimirdyuzhev opened a new pull request, #13081: URL: https://github.com/apache/kafka/pull/13081
When keytab file is not used, and the necessary configuration data are provided by the SASL callback handler, the Kerberos TGT renewal fails because the code is not re-using the configured CallbackHandler in the re-login sequence. The error is: ``` javax.security.auth.login.LoginException: No CallbackHandler available to garner authentication information from the user ``` The change preserves the instance of the CallbackHandler that was used to login into Kerberos and passes it to the LoginContext when TGT needs to be renewed. The change is tested in DIT with live Kafka and AD KRB instances in our current project. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: jira-unsubscr...@kafka.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
