[ https://issues.apache.org/jira/browse/KAFKA-2644?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14975393#comment-14975393 ]
Rajini Sivaram commented on KAFKA-2644: --------------------------------------- [~ewencp] Thank you once again for running the tests. MiniKdc started up this time, but Kafka was still failing to start with SASL. I have pushed a fix, but since I dont have an Oracle JVM, I am not sure if it does fix the issue. Tests don't hit this issue with OpenJDK. [~ijuma] [~harsha_ch] Kafka was failing to start with the exception below. I think it may be because doNotPrompt option was not specified in jaas.conf. I took the Jaas options for Sun Krb5LoginModule from the tests in kafka/core. Were these tests run with the JDK used for system tests? I have pushed a change to include doNotPrompt=true, but just wanted to check. If this option is required for the Oracle JVM, we may want to include it in the jaas,conf used for the tests in kafka/core as well. {quote} org.apache.kafka.common.KafkaException: javax.security.auth.login.LoginException: No password provided at org.apache.kafka.common.network.SaslChannelBuilder.configure(SaslChannelBuilder.java:76) at org.apache.kafka.common.network.ChannelBuilders.create(ChannelBuilders.java:56) at kafka.network.Processor.<init>(SocketServer.scala:379) at kafka.network.SocketServer$$anonfun$startup$1$$anonfun$apply$1.apply$mcVI$sp(SocketServer.scala:96) at scala.collection.immutable.Range.foreach$mVc$sp(Range.scala:141) at kafka.network.SocketServer$$anonfun$startup$1.apply(SocketServer.scala:95) at kafka.network.SocketServer$$anonfun$startup$1.apply(SocketServer.scala:91) at scala.collection.Iterator$class.foreach(Iterator.scala:727) at scala.collection.AbstractIterator.foreach(Iterator.scala:1157) at scala.collection.MapLike$DefaultValuesIterable.foreach(MapLike.scala:206) at kafka.network.SocketServer.startup(SocketServer.scala:91) at kafka.server.KafkaServer.startup(KafkaServer.scala:178) at kafka.server.KafkaServerStartable.startup(KafkaServerStartable.scala:37) at kafka.Kafka$.main(Kafka.scala:67) at kafka.Kafka.main(Kafka.scala) Caused by: javax.security.auth.login.LoginException: No password provided at com.sun.security.auth.module.Krb5LoginModule.promptForPass(Krb5LoginModule.java:878) at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:719) at com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:584) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:606) at javax.security.auth.login.LoginContext.invoke(LoginContext.java:762) at javax.security.auth.login.LoginContext.access$000(LoginContext.java:203) at javax.security.auth.login.LoginContext$4.run(LoginContext.java:690) at javax.security.auth.login.LoginContext$4.run(LoginContext.java:688) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:687) at javax.security.auth.login.LoginContext.login(LoginContext.java:595) at org.apache.kafka.common.security.kerberos.Login.login(Login.java:308) at org.apache.kafka.common.security.kerberos.Login.<init>(Login.java:104) at org.apache.kafka.common.security.kerberos.LoginManager.<init>(LoginManager.java:43) at org.apache.kafka.common.security.kerberos.LoginManager.acquireLoginManager(LoginManager.java:84) at org.apache.kafka.common.network.SaslChannelBuilder.configure(SaslChannelBuilder.java:59) {quote} > Run relevant ducktape tests with SASL_PLAINTEXT and SASL_SSL > ------------------------------------------------------------ > > Key: KAFKA-2644 > URL: https://issues.apache.org/jira/browse/KAFKA-2644 > Project: Kafka > Issue Type: Sub-task > Components: security > Reporter: Ismael Juma > Assignee: Rajini Sivaram > Priority: Critical > Fix For: 0.9.0.0 > > > We need to define which of the existing ducktape tests are relevant. cc > [~rsivaram] -- This message was sent by Atlassian JIRA (v6.3.4#6332)