Bill Bejeck created KAFKA-9187:
----------------------------------
Summary:
kafka.api.SaslGssapiSslEndToEndAuthorizationTest.testNoDescribeProduceOrConsumeWithoutTopicDescribeAcl
Key: KAFKA-9187
URL: https://issues.apache.org/jira/browse/KAFKA-9187
Project: Kafka
Issue Type: Test
Components: core
Reporter: Bill Bejeck
Failed in [https://builds.apache.org/job/kafka-pr-jdk8-scala2.11/26593/]
{noformat}
Error Messageorg.scalatest.exceptions.TestFailedException: Consumed 0 records
before timeout instead of the expected 1
recordsStacktraceorg.scalatest.exceptions.TestFailedException: Consumed 0
records before timeout instead of the expected 1 records
at
org.scalatest.Assertions$class.newAssertionFailedException(Assertions.scala:530)
at
org.scalatest.Assertions$.newAssertionFailedException(Assertions.scala:1389)
at org.scalatest.Assertions$class.fail(Assertions.scala:1091)
at org.scalatest.Assertions$.fail(Assertions.scala:1389)
at kafka.utils.TestUtils$.waitUntilTrue(TestUtils.scala:842)
at kafka.utils.TestUtils$.pollRecordsUntilTrue(TestUtils.scala:793)
at
kafka.utils.TestUtils$.pollUntilAtLeastNumRecords(TestUtils.scala:1334)
at kafka.utils.TestUtils$.consumeRecords(TestUtils.scala:1343)
at
kafka.api.EndToEndAuthorizationTest.consumeRecords(EndToEndAuthorizationTest.scala:530)
at
kafka.api.EndToEndAuthorizationTest.testNoDescribeProduceOrConsumeWithoutTopicDescribeAcl(EndToEndAuthorizationTest.scala:369)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at
org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:59)
at
org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12)
at
org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:56)
at
org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17)
at
org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:26)
at
org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:27)
at org.junit.runners.ParentRunner$3.evaluate(ParentRunner.java:305)
at
org.junit.runners.BlockJUnit4ClassRunner$1.evaluate(BlockJUnit4ClassRunner.java:100)
at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:365)
at
org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:103)
at
org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:63)
at org.junit.runners.ParentRunner$4.run(ParentRunner.java:330)
at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:78)
at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:328)
at org.junit.runners.ParentRunner.access$100(ParentRunner.java:65)
at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:292)
at
org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:26)
at
org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:27)
at org.junit.runners.ParentRunner$3.evaluate(ParentRunner.java:305)
at org.junit.runners.ParentRunner.run(ParentRunner.java:412)
at
org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.runTestClass(JUnitTestClassExecutor.java:110)
at
org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:58)
at
org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:38)
at
org.gradle.api.internal.tasks.testing.junit.AbstractJUnitTestClassProcessor.processTestClass(AbstractJUnitTestClassProcessor.java:62)
at
org.gradle.api.internal.tasks.testing.SuiteTestClassProcessor.processTestClass(SuiteTestClassProcessor.java:51)
at sun.reflect.GeneratedMethodAccessor12.invoke(Unknown Source)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at
org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:36)
at
org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:24)
at
org.gradle.internal.dispatch.ContextClassLoaderDispatch.dispatch(ContextClassLoaderDispatch.java:33)
at
org.gradle.internal.dispatch.ProxyDispatchAdapter$DispatchingInvocationHandler.invoke(ProxyDispatchAdapter.java:94)
at com.sun.proxy.$Proxy2.processTestClass(Unknown Source)
at
org.gradle.api.internal.tasks.testing.worker.TestWorker.processTestClass(TestWorker.java:118)
at sun.reflect.GeneratedMethodAccessor11.invoke(Unknown Source)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at
org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:36)
at
org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:24)
at
org.gradle.internal.remote.internal.hub.MessageHubBackedObjectConnection$DispatchWrapper.dispatch(MessageHubBackedObjectConnection.java:182)
at
org.gradle.internal.remote.internal.hub.MessageHubBackedObjectConnection$DispatchWrapper.dispatch(MessageHubBackedObjectConnection.java:164)
at
org.gradle.internal.remote.internal.hub.MessageHub$Handler.run(MessageHub.java:412)
at
org.gradle.internal.concurrent.ExecutorPolicy$CatchAndRecordFailures.onExecute(ExecutorPolicy.java:64)
at
org.gradle.internal.concurrent.ManagedExecutorImpl$1.run(ManagedExecutorImpl.java:48)
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at
org.gradle.internal.concurrent.ThreadFactoryImpl$ManagedThreadRunnable.run(ThreadFactoryImpl.java:56)
at java.lang.Thread.run(Thread.java:748)
Standard OutputAdding ACLs for resource `ResourcePattern(resourceType=CLUSTER,
name=kafka-cluster, patternType=LITERAL)`:
(principal=User:kafka, host=*, operation=CLUSTER_ACTION,
permissionType=ALLOW)
Current ACLs for resource `Cluster:LITERAL:kafka-cluster`:
User:kafka has Allow permission for operations: ClusterAction from
hosts: *
Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=*,
patternType=LITERAL)`:
(principal=User:kafka, host=*, operation=READ, permissionType=ALLOW)
Current ACLs for resource `Topic:LITERAL:*`:
User:kafka has Allow permission for operations: Read from hosts: *
Debug is true storeKey true useTicketCache false useKeyTab true doNotPrompt
false ticketCache is null isInitiator true KeyTab is
/tmp/kafka6956053092858073839.tmp refreshKrb5Config is false principal is
kafka/[email protected] tryFirstPass is false useFirstPass is false
storePass is false clearPass is false
principal is kafka/[email protected]
Will use keytab
Commit Succeeded
Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=e2etopic,
patternType=LITERAL)`:
(principal=User:client, host=*, operation=DESCRIBE,
permissionType=ALLOW)
(principal=User:client, host=*, operation=CREATE, permissionType=ALLOW)
(principal=User:client, host=*, operation=WRITE, permissionType=ALLOW)
Current ACLs for resource `Topic:LITERAL:e2etopic`:
User:client has Allow permission for operations: Describe from hosts: *
User:client has Allow permission for operations: Create from hosts: *
User:client has Allow permission for operations: Write from hosts: *
Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=e2etopic,
patternType=LITERAL)`:
(principal=User:client, host=*, operation=DESCRIBE,
permissionType=ALLOW)
(principal=User:client, host=*, operation=READ, permissionType=ALLOW)
Adding ACLs for resource `ResourcePattern(resourceType=GROUP, name=group,
patternType=LITERAL)`:
(principal=User:client, host=*, operation=READ, permissionType=ALLOW)
Current ACLs for resource `Topic:LITERAL:e2etopic`:
User:client has Allow permission for operations: Read from hosts: *
User:client has Allow permission for operations: Describe from hosts: *
User:client has Allow permission for operations: Create from hosts: *
User:client has Allow permission for operations: Write from hosts: *
Current ACLs for resource `Group:LITERAL:group`:
User:client has Allow permission for operations: Read from hosts: *
Debug is true storeKey true useTicketCache false useKeyTab true doNotPrompt
false ticketCache is null isInitiator true KeyTab is
/tmp/kafka7544779694857809493.tmp refreshKrb5Config is false principal is
[email protected] tryFirstPass is false useFirstPass is false storePass is
false clearPass is false
principal is [email protected]
Will use keytab
Commit Succeeded
Debug is true storeKey true useTicketCache false useKeyTab true doNotPrompt
false ticketCache is null isInitiator true KeyTab is
/tmp/kafka7544779694857809493.tmp refreshKrb5Config is false principal is
[email protected] tryFirstPass is false useFirstPass is false storePass is
false clearPass is false
principal is [email protected]
Will use keytab
Commit Succeeded
[2019-11-14 00:05:16,760] ERROR [Consumer clientId=consumer-group-64,
groupId=group] Topic authorization failed for topics [e2etopic]
(org.apache.kafka.clients.Metadata:283)
Adding ACLs for resource `ResourcePattern(resourceType=CLUSTER,
name=kafka-cluster, patternType=LITERAL)`:
(principal=User:kafka, host=*, operation=CLUSTER_ACTION,
permissionType=ALLOW)
Current ACLs for resource `Cluster:LITERAL:kafka-cluster`:
User:kafka has Allow permission for operations: ClusterAction from
hosts: *
Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=*,
patternType=LITERAL)`:
(principal=User:kafka, host=*, operation=READ, permissionType=ALLOW)
Current ACLs for resource `Topic:LITERAL:*`:
User:kafka has Allow permission for operations: Read from hosts: *
Debug is true storeKey true useTicketCache false useKeyTab true doNotPrompt
false ticketCache is null isInitiator true KeyTab is
/tmp/kafka1164866442124187878.tmp refreshKrb5Config is false principal is
kafka/[email protected] tryFirstPass is false useFirstPass is false
storePass is false clearPass is false
principal is kafka/[email protected]
Will use keytab
Commit Succeeded
Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=e2etopic,
patternType=LITERAL)`:
(principal=User:client, host=*, operation=DESCRIBE,
permissionType=ALLOW)
(principal=User:client, host=*, operation=CREATE, permissionType=ALLOW)
(principal=User:client, host=*, operation=WRITE, permissionType=ALLOW)
Current ACLs for resource `Topic:LITERAL:e2etopic`:
User:client has Allow permission for operations: Describe from hosts: *
User:client has Allow permission for operations: Create from hosts: *
User:client has Allow permission for operations: Write from hosts: *
Adding ACLs for resource `ResourcePattern(resourceType=GROUP, name=group,
patternType=LITERAL)`:
(principal=User:client, host=*, operation=READ, permissionType=ALLOW)
Current ACLs for resource `Group:LITERAL:group`:
User:client has Allow permission for operations: Read from hosts: *
Debug is true storeKey true useTicketCache false useKeyTab true doNotPrompt
false ticketCache is null isInitiator true KeyTab is
/tmp/kafka5859610215295612432.tmp refreshKrb5Config is false principal is
[email protected] tryFirstPass is false useFirstPass is false storePass is
false clearPass is false
principal is [email protected]
Will use keytab
Commit Succeeded
Current ACLs for resource `Topic:LITERAL:e2etopic`:
User:client has Allow permission for operations: Create from hosts: *
User:client has Allow permission for operations: Write from hosts: *
Current ACLs for resource `Topic:LITERAL:e2etopic`:
User:client has Allow permission for operations: Create from hosts: *
[2019-11-14 00:05:27,930] ERROR [Consumer clientId=consumer-group-65,
groupId=group] Topic authorization failed for topics [e2etopic]
(org.apache.kafka.clients.Metadata:283)
Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=e2etopic,
patternType=LITERAL)`:
(principal=User:client, host=*, operation=DESCRIBE,
permissionType=ALLOW)
(principal=User:client, host=*, operation=CREATE, permissionType=ALLOW)
(principal=User:client, host=*, operation=WRITE, permissionType=ALLOW)
Current ACLs for resource `Topic:LITERAL:e2etopic`:
User:client has Allow permission for operations: Describe from hosts: *
User:client has Allow permission for operations: Create from hosts: *
User:client has Allow permission for operations: Write from hosts: *
Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=e2etopic,
patternType=LITERAL)`:
(principal=User:client, host=*, operation=DESCRIBE,
permissionType=ALLOW)
(principal=User:client, host=*, operation=READ, permissionType=ALLOW)
Adding ACLs for resource `ResourcePattern(resourceType=GROUP, name=group,
patternType=LITERAL)`:
(principal=User:client, host=*, operation=READ, permissionType=ALLOW)
Current ACLs for resource `Topic:LITERAL:e2etopic`:
User:client has Allow permission for operations: Read from hosts: *
User:client has Allow permission for operations: Describe from hosts: *
User:client has Allow permission for operations: Create from hosts: *
User:client has Allow permission for operations: Write from hosts: *
Current ACLs for resource `Group:LITERAL:group`:
User:client has Allow permission for operations: Read from hosts: *
[2019-11-14 00:05:28,437] ERROR [Consumer clientId=consumer-group-65,
groupId=group] Topic authorization failed for topics [topic2]
(org.apache.kafka.clients.Metadata:283)
[2019-11-14 00:05:28,440] ERROR [Consumer clientId=consumer-group-65,
groupId=group] Topic authorization failed for topics [topic2]
(org.apache.kafka.clients.Metadata:283)
Adding ACLs for resource `ResourcePattern(resourceType=CLUSTER,
name=kafka-cluster, patternType=LITERAL)`:
(principal=User:kafka, host=*, operation=CLUSTER_ACTION,
permissionType=ALLOW)
Current ACLs for resource `Cluster:LITERAL:kafka-cluster`:
User:kafka has Allow permission for operations: ClusterAction from
hosts: *
Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=*,
patternType=LITERAL)`:
(principal=User:kafka, host=*, operation=READ, permissionType=ALLOW)
Current ACLs for resource `Topic:LITERAL:*`:
User:kafka has Allow permission for operations: Read from hosts: *
Debug is true storeKey true useTicketCache false useKeyTab true doNotPrompt
false ticketCache is null isInitiator true KeyTab is
/tmp/kafka8747414312546582585.tmp refreshKrb5Config is false principal is
kafka/[email protected] tryFirstPass is false useFirstPass is false
storePass is false clearPass is false
principal is kafka/[email protected]
Will use keytab
Commit Succeeded
Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=e2e,
patternType=PREFIXED)`:
(principal=User:client, host=*, operation=DESCRIBE,
permissionType=ALLOW)
(principal=User:client, host=*, operation=READ, permissionType=ALLOW)
(principal=User:client, host=*, operation=CREATE, permissionType=ALLOW)
(principal=User:client, host=*, operation=WRITE, permissionType=ALLOW)
Adding ACLs for resource `ResourcePattern(resourceType=GROUP, name=gr,
patternType=PREFIXED)`:
(principal=User:client, host=*, operation=READ, permissionType=ALLOW)
Current ACLs for resource `Topic:PREFIXED:e2e`:
User:client has Allow permission for operations: Read from hosts: *
User:client has Allow permission for operations: Describe from hosts: *
User:client has Allow permission for operations: Create from hosts: *
User:client has Allow permission for operations: Write from hosts: *
Current ACLs for resource `Group:PREFIXED:gr`:
User:client has Allow permission for operations: Read from hosts: *
Debug is true storeKey true useTicketCache false useKeyTab true doNotPrompt
false ticketCache is null isInitiator true KeyTab is
/tmp/kafka9087269612476946936.tmp refreshKrb5Config is false principal is
[email protected] tryFirstPass is false useFirstPass is false storePass is
false clearPass is false
principal is [email protected]
Will use keytab
Commit Succeeded
Adding ACLs for resource `ResourcePattern(resourceType=CLUSTER,
name=kafka-cluster, patternType=LITERAL)`:
(principal=User:kafka, host=*, operation=CLUSTER_ACTION,
permissionType=ALLOW)
Current ACLs for resource `Cluster:LITERAL:kafka-cluster`:
User:kafka has Allow permission for operations: ClusterAction from
hosts: *
Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=*,
patternType=LITERAL)`:
(principal=User:kafka, host=*, operation=READ, permissionType=ALLOW)
Current ACLs for resource `Topic:LITERAL:*`:
User:kafka has Allow permission for operations: Read from hosts: *
Debug is true storeKey true useTicketCache false useKeyTab true doNotPrompt
false ticketCache is null isInitiator true KeyTab is
/tmp/kafka8309184149332187367.tmp refreshKrb5Config is false principal is
kafka/[email protected] tryFirstPass is false useFirstPass is false
storePass is false clearPass is false
principal is kafka/[email protected]
Will use keytab
Commit Succeeded
Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=e2etopic,
patternType=LITERAL)`:
(principal=User:client, host=*, operation=DESCRIBE,
permissionType=ALLOW)
(principal=User:client, host=*, operation=CREATE, permissionType=ALLOW)
(principal=User:client, host=*, operation=WRITE, permissionType=ALLOW)
Current ACLs for resource `Topic:LITERAL:e2etopic`:
User:client has Allow permission for operations: Describe from hosts: *
User:client has Allow permission for operations: Create from hosts: *
User:client has Allow permission for operations: Write from hosts: *
Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=e2etopic,
patternType=LITERAL)`:
(principal=User:client, host=*, operation=DESCRIBE,
permissionType=ALLOW)
(principal=User:client, host=*, operation=READ, permissionType=ALLOW)
Adding ACLs for resource `ResourcePattern(resourceType=GROUP, name=group,
patternType=LITERAL)`:
(principal=User:client, host=*, operation=READ, permissionType=ALLOW)
Current ACLs for resource `Topic:LITERAL:e2etopic`:
User:client has Allow permission for operations: Read from hosts: *
User:client has Allow permission for operations: Describe from hosts: *
User:client has Allow permission for operations: Create from hosts: *
User:client has Allow permission for operations: Write from hosts: *
Current ACLs for resource `Group:LITERAL:group`:
User:client has Allow permission for operations: Read from hosts: *
Debug is true storeKey true useTicketCache false useKeyTab true doNotPrompt
false ticketCache is null isInitiator true KeyTab is
/tmp/kafka1141175465808765899.tmp refreshKrb5Config is false principal is
[email protected] tryFirstPass is false useFirstPass is false storePass is
false clearPass is false
principal is [email protected]
Will use keytab
Commit Succeeded
Adding ACLs for resource `ResourcePattern(resourceType=CLUSTER,
name=kafka-cluster, patternType=LITERAL)`:
(principal=User:kafka, host=*, operation=CLUSTER_ACTION,
permissionType=ALLOW)
Current ACLs for resource `Cluster:LITERAL:kafka-cluster`:
User:kafka has Allow permission for operations: ClusterAction from
hosts: *
Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=*,
patternType=LITERAL)`:
(principal=User:kafka, host=*, operation=READ, permissionType=ALLOW)
Current ACLs for resource `Topic:LITERAL:*`:
User:kafka has Allow permission for operations: Read from hosts: *
Debug is true storeKey true useTicketCache false useKeyTab true doNotPrompt
false ticketCache is null isInitiator true KeyTab is
/tmp/kafka4492820688667369631.tmp refreshKrb5Config is false principal is
kafka/[email protected] tryFirstPass is false useFirstPass is false
storePass is false clearPass is false
principal is kafka/[email protected]
Will use keytab
Commit Succeeded
Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=e2etopic,
patternType=LITERAL)`:
(principal=User:client, host=*, operation=DESCRIBE,
permissionType=ALLOW)
(principal=User:client, host=*, operation=CREATE, permissionType=ALLOW)
(principal=User:client, host=*, operation=WRITE, permissionType=ALLOW)
Current ACLs for resource `Topic:LITERAL:e2etopic`:
User:client has Allow permission for operations: Describe from hosts: *
User:client has Allow permission for operations: Create from hosts: *
User:client has Allow permission for operations: Write from hosts: *
Adding ACLs for resource `ResourcePattern(resourceType=GROUP, name=group,
patternType=LITERAL)`:
(principal=User:client, host=*, operation=READ, permissionType=ALLOW)
Current ACLs for resource `Group:LITERAL:group`:
User:client has Allow permission for operations: Read from hosts: *
Debug is true storeKey true useTicketCache false useKeyTab true doNotPrompt
false ticketCache is null isInitiator true KeyTab is
/tmp/kafka7127417062223263778.tmp refreshKrb5Config is false principal is
[email protected] tryFirstPass is false useFirstPass is false storePass is
false clearPass is false
principal is [email protected]
Will use keytab
Commit Succeeded
Adding ACLs for resource `ResourcePattern(resourceType=CLUSTER,
name=kafka-cluster, patternType=LITERAL)`:
(principal=User:kafka, host=*, operation=CLUSTER_ACTION,
permissionType=ALLOW)
Current ACLs for resource `Cluster:LITERAL:kafka-cluster`:
User:kafka has Allow permission for operations: ClusterAction from
hosts: *
Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=*,
patternType=LITERAL)`:
(principal=User:kafka, host=*, operation=READ, permissionType=ALLOW)
Current ACLs for resource `Topic:LITERAL:*`:
User:kafka has Allow permission for operations: Read from hosts: *
Debug is true storeKey true useTicketCache false useKeyTab true doNotPrompt
false ticketCache is null isInitiator true KeyTab is
/tmp/kafka4842878770720273118.tmp refreshKrb5Config is false principal is
kafka/[email protected] tryFirstPass is false useFirstPass is false
storePass is false clearPass is false
principal is kafka/[email protected]
Will use keytab
Commit Succeeded
Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=topic2,
patternType=LITERAL)`:
(principal=User:client, host=*, operation=DESCRIBE,
permissionType=ALLOW)
(principal=User:client, host=*, operation=CREATE, permissionType=ALLOW)
(principal=User:client, host=*, operation=WRITE, permissionType=ALLOW)
Current ACLs for resource `Topic:LITERAL:topic2`:
User:client has Allow permission for operations: Describe from hosts: *
User:client has Allow permission for operations: Create from hosts: *
User:client has Allow permission for operations: Write from hosts: *
Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=topic2,
patternType=LITERAL)`:
(principal=User:client, host=*, operation=DESCRIBE,
permissionType=ALLOW)
(principal=User:client, host=*, operation=READ, permissionType=ALLOW)
Adding ACLs for resource `ResourcePattern(resourceType=GROUP, name=group,
patternType=LITERAL)`:
(principal=User:client, host=*, operation=READ, permissionType=ALLOW)
Current ACLs for resource `Topic:LITERAL:topic2`:
User:client has Allow permission for operations: Read from hosts: *
User:client has Allow permission for operations: Describe from hosts: *
User:client has Allow permission for operations: Create from hosts: *
User:client has Allow permission for operations: Write from hosts: *
Current ACLs for resource `Group:LITERAL:group`:
User:client has Allow permission for operations: Read from hosts: *
Debug is true storeKey true useTicketCache false useKeyTab true doNotPrompt
false ticketCache is null isInitiator true KeyTab is
/tmp/kafka5625345472493495489.tmp refreshKrb5Config is false principal is
[email protected] tryFirstPass is false useFirstPass is false storePass is
false clearPass is false
principal is [email protected]
Will use keytab
Commit Succeeded
Adding ACLs for resource `ResourcePattern(resourceType=CLUSTER,
name=kafka-cluster, patternType=LITERAL)`:
(principal=User:kafka, host=*, operation=CLUSTER_ACTION,
permissionType=ALLOW)
Current ACLs for resource `Cluster:LITERAL:kafka-cluster`:
User:kafka has Allow permission for operations: ClusterAction from
hosts: *
Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=*,
patternType=LITERAL)`:
(principal=User:kafka, host=*, operation=READ, permissionType=ALLOW)
Current ACLs for resource `Topic:LITERAL:*`:
User:kafka has Allow permission for operations: Read from hosts: *
Debug is true storeKey true useTicketCache false useKeyTab true doNotPrompt
false ticketCache is null isInitiator true KeyTab is
/tmp/kafka5120046464615928618.tmp refreshKrb5Config is false principal is
kafka/[email protected] tryFirstPass is false useFirstPass is false
storePass is false clearPass is false
principal is kafka/[email protected]
Will use keytab
Commit Succeeded
Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=*,
patternType=LITERAL)`:
(principal=User:client, host=*, operation=DESCRIBE,
permissionType=ALLOW)
(principal=User:client, host=*, operation=READ, permissionType=ALLOW)
(principal=User:client, host=*, operation=CREATE, permissionType=ALLOW)
(principal=User:client, host=*, operation=WRITE, permissionType=ALLOW)
Adding ACLs for resource `ResourcePattern(resourceType=GROUP, name=*,
patternType=LITERAL)`:
(principal=User:client, host=*, operation=READ, permissionType=ALLOW)
Current ACLs for resource `Topic:LITERAL:*`:
User:client has Allow permission for operations: Write from hosts: *
User:client has Allow permission for operations: Describe from hosts: *
User:client has Allow permission for operations: Read from hosts: *
User:kafka has Allow permission for operations: Read from hosts: *
User:client has Allow permission for operations: Create from hosts: *
Current ACLs for resource `Group:LITERAL:*`:
User:client has Allow permission for operations: Read from hosts: *
Debug is true storeKey true useTicketCache false useKeyTab true doNotPrompt
false ticketCache is null isInitiator true KeyTab is
/tmp/kafka8065847533733093202.tmp refreshKrb5Config is false principal is
[email protected] tryFirstPass is false useFirstPass is false storePass is
false clearPass is false
principal is [email protected]
Will use keytab
Commit Succeeded
Adding ACLs for resource `ResourcePattern(resourceType=CLUSTER,
name=kafka-cluster, patternType=LITERAL)`:
(principal=User:kafka, host=*, operation=CLUSTER_ACTION,
permissionType=ALLOW)
Current ACLs for resource `Cluster:LITERAL:kafka-cluster`:
User:kafka has Allow permission for operations: ClusterAction from
hosts: *
Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=*,
patternType=LITERAL)`:
(principal=User:kafka, host=*, operation=READ, permissionType=ALLOW)
Current ACLs for resource `Topic:LITERAL:*`:
User:kafka has Allow permission for operations: Read from hosts: *
Debug is true storeKey true useTicketCache false useKeyTab true doNotPrompt
false ticketCache is null isInitiator true KeyTab is
/tmp/kafka5718433880170346361.tmp refreshKrb5Config is false principal is
kafka/[email protected] tryFirstPass is false useFirstPass is false
storePass is false clearPass is false
principal is kafka/[email protected]
Will use keytab
Commit Succeeded
Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=e2etopic,
patternType=LITERAL)`:
(principal=User:client, host=*, operation=DESCRIBE,
permissionType=ALLOW)
(principal=User:client, host=*, operation=CREATE, permissionType=ALLOW)
(principal=User:client, host=*, operation=WRITE, permissionType=ALLOW)
Current ACLs for resource `Topic:LITERAL:e2etopic`:
User:client has Allow permission for operations: Describe from hosts: *
User:client has Allow permission for operations: Create from hosts: *
User:client has Allow permission for operations: Write from hosts: *
Adding ACLs for resource `ResourcePattern(resourceType=GROUP, name=group,
patternType=LITERAL)`:
(principal=User:client, host=*, operation=READ, permissionType=ALLOW)
Current ACLs for resource `Group:LITERAL:group`:
User:client has Allow permission for operations: Read from hosts: *
Debug is true storeKey true useTicketCache false useKeyTab true doNotPrompt
false ticketCache is null isInitiator true KeyTab is
/tmp/kafka2477903581865723182.tmp refreshKrb5Config is false principal is
[email protected] tryFirstPass is false useFirstPass is false storePass is
false clearPass is false
principal is [email protected]
Will use keytab
Commit Succeeded
Adding ACLs for resource `ResourcePattern(resourceType=CLUSTER,
name=kafka-cluster, patternType=LITERAL)`:
(principal=User:kafka, host=*, operation=CLUSTER_ACTION,
permissionType=ALLOW)
Current ACLs for resource `Cluster:LITERAL:kafka-cluster`:
User:kafka has Allow permission for operations: ClusterAction from
hosts: *
Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=*,
patternType=LITERAL)`:
(principal=User:kafka, host=*, operation=READ, permissionType=ALLOW)
Current ACLs for resource `Topic:LITERAL:*`:
User:kafka has Allow permission for operations: Read from hosts: *
Debug is true storeKey true useTicketCache false useKeyTab true doNotPrompt
false ticketCache is null isInitiator true KeyTab is
/tmp/kafka2468726472607360276.tmp refreshKrb5Config is false principal is
kafka/[email protected] tryFirstPass is false useFirstPass is false
storePass is false clearPass is false
principal is kafka/[email protected]
Will use keytab
Commit Succeeded
Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=e2etopic,
patternType=LITERAL)`:
(principal=User:client, host=*, operation=DESCRIBE,
permissionType=ALLOW)
(principal=User:client, host=*, operation=CREATE, permissionType=ALLOW)
(principal=User:client, host=*, operation=WRITE, permissionType=ALLOW)
Current ACLs for resource `Topic:LITERAL:e2etopic`:
User:client has Allow permission for operations: Describe from hosts: *
User:client has Allow permission for operations: Create from hosts: *
User:client has Allow permission for operations: Write from hosts: *
Adding ACLs for resource `ResourcePattern(resourceType=GROUP, name=group,
patternType=LITERAL)`:
(principal=User:client, host=*, operation=READ, permissionType=ALLOW)
Current ACLs for resource `Group:LITERAL:group`:
User:client has Allow permission for operations: Read from hosts: *
Debug is true storeKey true useTicketCache false useKeyTab true doNotPrompt
false ticketCache is null isInitiator true KeyTab is
/tmp/kafka5732682815670095435.tmp refreshKrb5Config is false principal is
[email protected] tryFirstPass is false useFirstPass is false storePass is
false clearPass is false
principal is [email protected]
Will use keytab
Commit Succeeded
Current ACLs for resource `Topic:LITERAL:e2etopic`:
User:client has Allow permission for operations: Create from hosts: *
User:client has Allow permission for operations: Write from hosts: *
Current ACLs for resource `Topic:LITERAL:e2etopic`:
User:client has Allow permission for operations: Create from hosts: *
[2019-11-14 00:06:46,746] ERROR [Consumer clientId=consumer-group-72,
groupId=group] Topic authorization failed for topics [e2etopic]
(org.apache.kafka.clients.Metadata:283)
Adding ACLs for resource `ResourcePattern(resourceType=CLUSTER,
name=kafka-cluster, patternType=LITERAL)`:
(principal=User:kafka, host=*, operation=CLUSTER_ACTION,
permissionType=ALLOW)
Current ACLs for resource `Cluster:LITERAL:kafka-cluster`:
User:kafka has Allow permission for operations: ClusterAction from
hosts: *
Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=*,
patternType=LITERAL)`:
(principal=User:kafka, host=*, operation=READ, permissionType=ALLOW)
Current ACLs for resource `Topic:LITERAL:*`:
User:kafka has Allow permission for operations: Read from hosts: *
Debug is true storeKey true useTicketCache false useKeyTab true doNotPrompt
false ticketCache is null isInitiator true KeyTab is
/tmp/kafka2013270490890764303.tmp refreshKrb5Config is false principal is
kafka/[email protected] tryFirstPass is false useFirstPass is false
storePass is false clearPass is false
principal is kafka/[email protected]
Will use keytab
Commit Succeeded
Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=e2etopic,
patternType=LITERAL)`:
(principal=User:client, host=*, operation=DESCRIBE,
permissionType=ALLOW)
(principal=User:client, host=*, operation=CREATE, permissionType=ALLOW)
(principal=User:client, host=*, operation=WRITE, permissionType=ALLOW)
Current ACLs for resource `Topic:LITERAL:e2etopic`:
User:client has Allow permission for operations: Describe from hosts: *
User:client has Allow permission for operations: Create from hosts: *
User:client has Allow permission for operations: Write from hosts: *
Debug is true storeKey true useTicketCache false useKeyTab true doNotPrompt
false ticketCache is null isInitiator true KeyTab is
/tmp/kafka2326244927512378494.tmp refreshKrb5Config is false principal is
[email protected] tryFirstPass is false useFirstPass is false storePass is
false clearPass is false
principal is [email protected]
Will use keytab
Commit Succeeded
Adding ACLs for resource `ResourcePattern(resourceType=CLUSTER,
name=kafka-cluster, patternType=LITERAL)`:
(principal=User:kafka, host=*, operation=CLUSTER_ACTION,
permissionType=ALLOW)
Current ACLs for resource `Cluster:LITERAL:kafka-cluster`:
User:kafka has Allow permission for operations: ClusterAction from
hosts: *
Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=*,
patternType=LITERAL)`:
(principal=User:kafka, host=*, operation=READ, permissionType=ALLOW)
Current ACLs for resource `Topic:LITERAL:*`:
User:kafka has Allow permission for operations: Read from hosts: *
Debug is true storeKey true useTicketCache false useKeyTab true doNotPrompt
false ticketCache is null isInitiator true KeyTab is
/tmp/kafka8457104099673983066.tmp refreshKrb5Config is false principal is
kafka/[email protected] tryFirstPass is false useFirstPass is false
storePass is false clearPass is false
principal is kafka/[email protected]
Will use keytab
Commit Succeeded
Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=e2etopic,
patternType=LITERAL)`:
(principal=User:client, host=*, operation=DESCRIBE,
permissionType=ALLOW)
Current ACLs for resource `Topic:LITERAL:e2etopic`:
User:client has Allow permission for operations: Describe from hosts: *
Debug is true storeKey true useTicketCache false useKeyTab true doNotPrompt
false ticketCache is null isInitiator true KeyTab is
/tmp/kafka2302048904671721331.tmp refreshKrb5Config is false principal is
[email protected] tryFirstPass is false useFirstPass is false storePass is
false clearPass is false
principal is [email protected]
Will use keytab
Commit Succeeded
Adding ACLs for resource `ResourcePattern(resourceType=CLUSTER,
name=kafka-cluster, patternType=LITERAL)`:
(principal=User:kafka, host=*, operation=CLUSTER_ACTION,
permissionType=ALLOW)
Current ACLs for resource `Cluster:LITERAL:kafka-cluster`:
User:kafka has Allow permission for operations: ClusterAction from
hosts: *
Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=*,
patternType=LITERAL)`:
(principal=User:kafka, host=*, operation=READ, permissionType=ALLOW)
Current ACLs for resource `Topic:LITERAL:*`:
User:kafka has Allow permission for operations: Read from hosts: *
Debug is true storeKey true useTicketCache false useKeyTab true doNotPrompt
false ticketCache is null isInitiator true KeyTab is
/tmp/kafka6086036635542397633.tmp refreshKrb5Config is false principal is
kafka/[email protected] tryFirstPass is false useFirstPass is false
storePass is false clearPass is false
principal is kafka/[email protected]
Will use keytab
Commit Succeeded
Adding ACLs for resource `ResourcePattern(resourceType=GROUP, name=group,
patternType=LITERAL)`:
(principal=User:client, host=*, operation=READ, permissionType=ALLOW)
Current ACLs for resource `Group:LITERAL:group`:
User:client has Allow permission for operations: Read from hosts: *
Debug is true storeKey true useTicketCache false useKeyTab true doNotPrompt
false ticketCache is null isInitiator true KeyTab is
/tmp/kafka8629762638726138051.tmp refreshKrb5Config is false principal is
[email protected] tryFirstPass is false useFirstPass is false storePass is
false clearPass is false
principal is [email protected]
Will use keytab
Commit Succeeded
[2019-11-14 00:07:19,447] ERROR [Producer clientId=producer-178] Topic
authorization failed for topics [e2etopic]
(org.apache.kafka.clients.Metadata:283)
[2019-11-14 00:07:19,472] ERROR [Consumer clientId=consumer-group-74,
groupId=group] Topic authorization failed for topics [e2etopic]
(org.apache.kafka.clients.Metadata:283)
Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=topic2,
patternType=LITERAL)`:
(principal=User:client, host=*, operation=DESCRIBE,
permissionType=ALLOW)
(principal=User:client, host=*, operation=CREATE, permissionType=ALLOW)
(principal=User:client, host=*, operation=WRITE, permissionType=ALLOW)
Current ACLs for resource `Topic:LITERAL:topic2`:
User:client has Allow permission for operations: Describe from hosts: *
User:client has Allow permission for operations: Create from hosts: *
User:client has Allow permission for operations: Write from hosts: *
Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=topic2,
patternType=LITERAL)`:
(principal=User:client, host=*, operation=DESCRIBE,
permissionType=ALLOW)
(principal=User:client, host=*, operation=READ, permissionType=ALLOW)
Adding ACLs for resource `ResourcePattern(resourceType=GROUP, name=group,
patternType=LITERAL)`:
(principal=User:client, host=*, operation=READ, permissionType=ALLOW)
Current ACLs for resource `Topic:LITERAL:topic2`:
User:client has Allow permission for operations: Read from hosts: *
User:client has Allow permission for operations: Describe from hosts: *
User:client has Allow permission for operations: Create from hosts: *
User:client has Allow permission for operations: Write from hosts: *
Current ACLs for resource `Group:LITERAL:group`:
User:client has Allow permission for operations: Read from hosts: *
[2019-11-14 00:07:20,026] ERROR [Producer clientId=producer-178] Topic
authorization failed for topics [e2etopic]
(org.apache.kafka.clients.Metadata:283)
[2019-11-14 00:07:20,128] ERROR [Producer clientId=producer-178] Topic
authorization failed for topics [e2etopic]
(org.apache.kafka.clients.Metadata:283)
Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=e2etopic,
patternType=LITERAL)`:
(principal=User:client, host=*, operation=DESCRIBE,
permissionType=ALLOW)
(principal=User:client, host=*, operation=CREATE, permissionType=ALLOW)
(principal=User:client, host=*, operation=WRITE, permissionType=ALLOW)
Current ACLs for resource `Topic:LITERAL:e2etopic`:
User:client has Allow permission for operations: Describe from hosts: *
User:client has Allow permission for operations: Create from hosts: *
User:client has Allow permission for operations: Write from hosts: *
Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=e2etopic,
patternType=LITERAL)`:
(principal=User:client, host=*, operation=DESCRIBE,
permissionType=ALLOW)
(principal=User:client, host=*, operation=READ, permissionType=ALLOW)
Adding ACLs for resource `ResourcePattern(resourceType=GROUP, name=group,
patternType=LITERAL)`:
(principal=User:client, host=*, operation=READ, permissionType=ALLOW)
Current ACLs for resource `Topic:LITERAL:e2etopic`:
User:client has Allow permission for operations: Read from hosts: *
User:client has Allow permission for operations: Describe from hosts: *
User:client has Allow permission for operations: Create from hosts: *
User:client has Allow permission for operations: Write from hosts: *
Current ACLs for resource `Group:LITERAL:group`:
User:client has Allow permission for operations: Read from hosts: *
[2019-11-14 00:07:21,067] ERROR [Consumer clientId=consumer-group-74,
groupId=group] Topic authorization failed for topics [e2etopic]
(org.apache.kafka.clients.Metadata:283)
Adding ACLs for resource `ResourcePattern(resourceType=CLUSTER,
name=kafka-cluster, patternType=LITERAL)`:
(principal=User:kafka, host=*, operation=CLUSTER_ACTION,
permissionType=ALLOW)
Current ACLs for resource `Cluster:LITERAL:kafka-cluster`:
User:kafka has Allow permission for operations: ClusterAction from
hosts: *
Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=*,
patternType=LITERAL)`:
(principal=User:kafka, host=*, operation=READ, permissionType=ALLOW)
Current ACLs for resource `Topic:LITERAL:*`:
User:kafka has Allow permission for operations: Read from hosts: *
Debug is true storeKey true useTicketCache false useKeyTab true doNotPrompt
false ticketCache is null isInitiator true KeyTab is
/tmp/kafka3830268151830041256.tmp refreshKrb5Config is false principal is
kafka/[email protected] tryFirstPass is false useFirstPass is false
storePass is false clearPass is false
principal is kafka/[email protected]
Will use keytab
Commit Succeeded
Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=e2etopic,
patternType=LITERAL)`:
(principal=User:client, host=*, operation=DESCRIBE,
permissionType=ALLOW)
(principal=User:client, host=*, operation=CREATE, permissionType=ALLOW)
(principal=User:client, host=*, operation=WRITE, permissionType=ALLOW)
Current ACLs for resource `Topic:LITERAL:e2etopic`:
User:client has Allow permission for operations: Describe from hosts: *
User:client has Allow permission for operations: Create from hosts: *
User:client has Allow permission for operations: Write from hosts: *
Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=e2etopic,
patternType=LITERAL)`:
(principal=User:client, host=*, operation=DESCRIBE,
permissionType=ALLOW)
(principal=User:client, host=*, operation=READ, permissionType=ALLOW)
Adding ACLs for resource `ResourcePattern(resourceType=GROUP, name=group,
patternType=LITERAL)`:
(principal=User:client, host=*, operation=READ, permissionType=ALLOW)
Current ACLs for resource `Topic:LITERAL:e2etopic`:
User:client has Allow permission for operations: Read from hosts: *
User:client has Allow permission for operations: Describe from hosts: *
User:client has Allow permission for operations: Create from hosts: *
User:client has Allow permission for operations: Write from hosts: *
Current ACLs for resource `Group:LITERAL:group`:
User:client has Allow permission for operations: Read from hosts: *
Debug is true storeKey true useTicketCache false useKeyTab true doNotPrompt
false ticketCache is null isInitiator true KeyTab is
/tmp/kafka3967813509415878539.tmp refreshKrb5Config is false principal is
[email protected] tryFirstPass is false useFirstPass is false storePass is
false clearPass is false
principal is [email protected]
Will use keytab
Commit Succeeded {noformat}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
