[ https://issues.apache.org/jira/browse/KAFKA-4764?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16165998#comment-16165998 ]
ASF GitHub Bot commented on KAFKA-4764: --------------------------------------- Github user rajinisivaram closed the pull request at: https://github.com/apache/kafka/pull/2546 > Improve diagnostics for SASL authentication failures > ---------------------------------------------------- > > Key: KAFKA-4764 > URL: https://issues.apache.org/jira/browse/KAFKA-4764 > Project: Kafka > Issue Type: Improvement > Components: security > Affects Versions: 0.10.2.0 > Reporter: Rajini Sivaram > Assignee: Rajini Sivaram > Fix For: 1.0.0 > > > At the moment, broker closes the client connection if SASL authentication > fails. Clients see this as a connection failure and do not get any feedback > for the reason why the connection was closed. Producers and consumers retry, > attempting to create successful connections, treating authentication failures > as transient failures. There are no log entries on the client-side which > indicate that any of these connection failures were due to authentication > failure. > This JIRA will aim to improve diagnosis of authentication failures with the > changes described in > [KIP-152|https://cwiki.apache.org/confluence/display/KAFKA/KIP-152+-+Improve+diagnostics+for+SASL+authentication+failures]. > This JIRA also does not change handling of SSL authentication failures. > javax.net.debug provides sufficient diagnostics for this case. SSL changes > are harder to do while preserving backward compatibility. -- This message was sent by Atlassian JIRA (v6.4.14#64029)