[
https://issues.apache.org/jira/browse/KAFKA-9497?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Rajini Sivaram reassigned KAFKA-9497:
-------------------------------------
Assignee: Ron Dagostino (was: Rajini Sivaram)
> Brokers start up even if SASL provider is not loaded and throw NPE when
> clients connect
> ---------------------------------------------------------------------------------------
>
> Key: KAFKA-9497
> URL: https://issues.apache.org/jira/browse/KAFKA-9497
> Project: Kafka
> Issue Type: Bug
> Affects Versions: 0.10.2.2, 0.11.0.3, 1.1.1, 2.4.0
> Reporter: Rajini Sivaram
> Assignee: Ron Dagostino
> Priority: Major
> Fix For: 2.7.0
>
>
> Note: This is not a regression, this has been the behaviour since SASL was
> first implemented in Kafka.
>
> Sasl.createSaslServer and Sasl.createSaslClient may return null if a SASL
> provider that works for the specified configs cannot be created. We don't
> currently handle this case. As a result broker/client throws
> NullPointerException if a provider has not been loaded. On the broker-side,
> we allow brokers to start up successfully even if SASL provider for its
> enabled mechanisms are not found. For SASL mechanisms
> PLAIN/SCRAM-xx/OAUTHBEARER, the login module in Kafka loads the SASL
> providers. If the login module is incorrectly configured, brokers startup and
> then fail client connections when hitting NPE. Clients see disconnections
> during authentication as a result. It is difficult to tell from the client or
> broker logs why the failure occurred. We should fail during startup if SASL
> providers are not found and provide better diagnostics for this case.
>
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
