[ https://issues.apache.org/jira/browse/KAFKA-5945?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Damian Guy updated KAFKA-5945: ------------------------------ Fix Version/s: (was: 1.1.0) 1.2.0 > Improve handling of authentication failures when credentials are removed > ------------------------------------------------------------------------ > > Key: KAFKA-5945 > URL: https://issues.apache.org/jira/browse/KAFKA-5945 > Project: Kafka > Issue Type: Improvement > Components: clients > Affects Versions: 1.0.0 > Reporter: Rajini Sivaram > Assignee: Rajini Sivaram > Priority: Major > Fix For: 1.2.0 > > > KAFKA-5854 improves the handling of authentication failures. The scope of > KAFKA-5854 was limited to a specific scenario - provide better feedback to > applications when security is misconfigured. The PR improves diagnostics for > this scenario by throwing an AuthenticationException and also avoids retries. > To enable this, the first request initiated by any public API was updated to > throw authentication exceptions. > This JIRA is for a more extensive handling of authentication exceptions which > also includes proper handling of credential updates at any time. If a > credential is removed, then we could see authentication exception from any > request and we want to propagate this properly. This needs quite extensive > testing and is less likely to be hit by users, so it will be done later under > this JIRA. > The gaps that need covering are: > 1. Ensure authentication failures are processed in the Network client for any > request > 2. Ensure metadata refresh failures are handled properly at any time > 3. Heartbeat threads and other background threads should handle > authentication failures. Threads should not terminate on failure, but should > avoid retries until application performs a new operation. -- This message was sent by Atlassian JIRA (v7.6.3#76005)