brandboat commented on code in PR #15761: URL: https://github.com/apache/kafka/pull/15761#discussion_r1574974316
########## core/src/test/scala/unit/kafka/server/SaslApiVersionsRequestTest.scala: ########## @@ -18,41 +18,58 @@ package kafka.server import java.net.Socket import java.util.Collections - import kafka.api.{KafkaSasl, SaslSetup} -import kafka.test.annotation.{ClusterTest, Type} +import kafka.server.SaslApiVersionsRequestTest.{kafkaClientSaslMechanism, kafkaServerSaslMechanisms} +import kafka.test.annotation.{ClusterTemplate, Type} import kafka.test.junit.ClusterTestExtensions -import kafka.test.{ClusterConfig, ClusterInstance} +import kafka.test.{ClusterConfig, ClusterGenerator, ClusterInstance} import kafka.utils.JaasTestUtils +import org.apache.kafka.common.config.SaslConfigs +import org.apache.kafka.common.config.internals.BrokerSecurityConfigs import org.apache.kafka.common.message.SaslHandshakeRequestData import org.apache.kafka.common.protocol.{ApiKeys, Errors} import org.apache.kafka.common.requests.{ApiVersionsRequest, ApiVersionsResponse, SaslHandshakeRequest, SaslHandshakeResponse} import org.apache.kafka.common.security.auth.SecurityProtocol +import org.apache.kafka.server.config.KafkaSecurityConfigs import org.junit.jupiter.api.Assertions._ import org.junit.jupiter.api.extension.ExtendWith import org.junit.jupiter.api.{AfterEach, BeforeEach} import scala.jdk.CollectionConverters._ +object SaslApiVersionsRequestTest { + val kafkaClientSaslMechanism = "PLAIN" + val kafkaServerSaslMechanisms: Seq[String] = List("PLAIN") + val controlPlaneListenerName = "CONTROL_PLANE" + val securityProtocol = SecurityProtocol.SASL_PLAINTEXT + + def saslApiVersionsRequestClusterConfig(clusterGenerator: ClusterGenerator): Unit = { + clusterGenerator.accept(ClusterConfig.defaultBuilder + .securityProtocol(securityProtocol) + .`type`(Type.ZK) + .putSaslServerProperty(KafkaSecurityConfigs.SASL_MECHANISM_INTER_BROKER_PROTOCOL_CONFIG, kafkaClientSaslMechanism) + .putSaslServerProperty(BrokerSecurityConfigs.SASL_ENABLED_MECHANISMS_CONFIG, kafkaServerSaslMechanisms.mkString(",")) + .putSaslClientProperty(SaslConfigs.SASL_MECHANISM, kafkaClientSaslMechanism) + // Configure control plane listener to make sure we have separate listeners for testing. + .putServerProperty(KafkaConfig.ControlPlaneListenerNameProp, controlPlaneListenerName) + .putServerProperty(KafkaConfig.ListenerSecurityProtocolMapProp, s"$controlPlaneListenerName:$securityProtocol,$securityProtocol:$securityProtocol") + .putServerProperty("listeners", s"$securityProtocol://localhost:0,$controlPlaneListenerName://localhost:0") + .putServerProperty(KafkaConfig.AdvertisedListenersProp, s"$securityProtocol://localhost:0,$controlPlaneListenerName://localhost:0") + .build()) + } +} @ExtendWith(value = Array(classOf[ClusterTestExtensions])) class SaslApiVersionsRequestTest(cluster: ClusterInstance) extends AbstractApiVersionsRequestTest(cluster) { - - val kafkaClientSaslMechanism = "PLAIN" - val kafkaServerSaslMechanisms = List("PLAIN") - private var sasl: SaslSetup = _ @BeforeEach - def setupSasl(config: ClusterConfig): Unit = { + def setupSasl(): Unit = { sasl = new SaslSetup() {} Review Comment: Currently, no. Since we clear `java.security.auth.login.config` in [QuorumTestHarness#tearDown](https://github.com/apache/kafka/blob/59c781415fc37c89aa087d7c2999cec7f82f6188/core/src/test/scala/integration/kafka/server/QuorumTestHarness.scala#L440). So if we initialize sasl in `@BeforeAll`, first test passed, second one raise error as below. ```text Could not find a 'KafkaServer' or 'control_plane.KafkaServer' entry in the JAAS configuration. System property 'java.security.auth.login.config' is not set ``` This would require some effort if we want to make this happen. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: jira-unsubscr...@kafka.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org