Luke Chen created KAFKA-16214:
---------------------------------
Summary: No user info when SASL authentication failure
Key: KAFKA-16214
URL: https://issues.apache.org/jira/browse/KAFKA-16214
Project: Kafka
Issue Type: Bug
Affects Versions: 3.6.0
Reporter: Luke Chen
Assignee: Luke Chen
When client authenticate failed, the server will log with the client IP address
only. The the IP address sometimes cannot represent a specific user, especially
if there is proxy between client and server. Ex:
{code:java}
INFO [SocketServer listenerType=ZK_BROKER, nodeId=0] Failed authentication with
/127.0.0.1 (channelId=127.0.0.1:9093-127.0.0.1:53223-5) (Authentication failed:
Invalid username or password) (org.apache.kafka.common.network.Selector)
{code}
If there are many failed authentication log appeared in the server, it'd be
better to identify who is triggering it soon. Adding the client info to the log
is a good start.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
