Luke Chen created KAFKA-16214: --------------------------------- Summary: No user info when SASL authentication failure Key: KAFKA-16214 URL: https://issues.apache.org/jira/browse/KAFKA-16214 Project: Kafka Issue Type: Bug Affects Versions: 3.6.0 Reporter: Luke Chen Assignee: Luke Chen
When client authenticate failed, the server will log with the client IP address only. The the IP address sometimes cannot represent a specific user, especially if there is proxy between client and server. Ex: {code:java} INFO [SocketServer listenerType=ZK_BROKER, nodeId=0] Failed authentication with /127.0.0.1 (channelId=127.0.0.1:9093-127.0.0.1:53223-5) (Authentication failed: Invalid username or password) (org.apache.kafka.common.network.Selector) {code} If there are many failed authentication log appeared in the server, it'd be better to identify who is triggering it soon. Adding the client info to the log is a good start. -- This message was sent by Atlassian Jira (v8.20.10#820010)