This is an automated email from the ASF dual-hosted git repository. jgus pushed a commit to branch trunk in repository https://gitbox.apache.org/repos/asf/kafka.git
The following commit(s) were added to refs/heads/trunk by this push: new cb9557a9905 KAFKA-14236; ListGroups request produces too much Denied logs in authorizer (#12652) cb9557a9905 is described below commit cb9557a99050bf317cb347cc7756a61f25ce032d Author: aLeX <agriff...@gmail.com> AuthorDate: Thu Sep 22 02:42:30 2022 +0200 KAFKA-14236; ListGroups request produces too much Denied logs in authorizer (#12652) Avoid `is Denied Operation` logs when calling ListGroups api, by adding `logIfDenied = false` to `authorize` calls. Reviewers: Jason Gustafson <ja...@confluent.io> --- core/src/main/scala/kafka/server/KafkaApis.scala | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/core/src/main/scala/kafka/server/KafkaApis.scala b/core/src/main/scala/kafka/server/KafkaApis.scala index 7b3f8269f4a..bae20f25667 100644 --- a/core/src/main/scala/kafka/server/KafkaApis.scala +++ b/core/src/main/scala/kafka/server/KafkaApis.scala @@ -1635,12 +1635,12 @@ class KafkaApis(val requestChannel: RequestChannel, ) } val (error, groups) = groupCoordinator.handleListGroups(states) - if (authHelper.authorize(request.context, DESCRIBE, CLUSTER, CLUSTER_NAME)) + if (authHelper.authorize(request.context, DESCRIBE, CLUSTER, CLUSTER_NAME, logIfDenied = false)) // With describe cluster access all groups are returned. We keep this alternative for backward compatibility. requestHelper.sendResponseMaybeThrottle(request, requestThrottleMs => createResponse(requestThrottleMs, groups, error)) else { - val filteredGroups = groups.filter(group => authHelper.authorize(request.context, DESCRIBE, GROUP, group.groupId)) + val filteredGroups = groups.filter(group => authHelper.authorize(request.context, DESCRIBE, GROUP, group.groupId, logIfDenied = false)) requestHelper.sendResponseMaybeThrottle(request, requestThrottleMs => createResponse(requestThrottleMs, filteredGroups, error)) }