[
https://issues.apache.org/jira/browse/KAFKA-18744?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Anatoly updated KAFKA-18744:
----------------------------
Priority: Critical (was: Major)
> When I add sasl.login.callback.handler.class it is used for initial login but
> not used when ticket is about to expire
> ---------------------------------------------------------------------------------------------------------------------
>
> Key: KAFKA-18744
> URL: https://issues.apache.org/jira/browse/KAFKA-18744
> Project: Kafka
> Issue Type: Bug
> Components: clients
> Affects Versions: 3.8.1
> Reporter: Anatoly
> Priority: Critical
>
> I want to use kerberos login/password to authenticate in my kafka cluster.
> I created following CallbackHandler
> {code:java}
> public class LoginCallbackHandler implements AuthenticateCallbackHandler {
> private char[] password;
> @Override
> public void handle(Callback[] callbacks) {
> for (Callback callback : callbacks) {
> if (callback instanceof PasswordCallback pc) {
> pc.setPassword(password);
> break;
> }
> }
> }
> }{code}
> and added it via "sasl.login.callback.handler.class" property. My process now
> can authenticates in kafka and sends/receives messages while initial login
> ticket is valid. When it expires kafka client is not able to re-login to
> kerberos because the LoginCallbackHandler is not used on re-login.
> I created pr that can fix it https://github.com/apache/kafka/pull/18589
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
