chia7712 commented on code in PR #15280:
URL: https://github.com/apache/kafka/pull/15280#discussion_r1511627095


##########
clients/src/main/java/org/apache/kafka/common/security/scram/internals/ScramSaslServer.java:
##########
@@ -143,7 +146,7 @@ public byte[] evaluateResponse(byte[] response) throws 
SaslException, SaslAuthen
                     } catch (SaslException | AuthenticationException e) {
                         throw e;
                     } catch (Throwable e) {
-                        throw new SaslException("Authentication failed: 
Credentials could not be obtained", e);
+                        throw new SaslException("Authentication failed: 
Credentials could not be obtained" + (username == null ? "" : " for user " + 
Utils.sanitizeString(username, USERNAME_MAX_LEN)), e);
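
Review bot: the inline `username == null ? "" : ...` guard in the new message string is hard to read and is the only null handling around `Utils.sanitizeString` in the visible lines. If `username` can really be unset when this `catch (Throwable e)` runs, build the " for user ..." suffix in a small local or helper with a comment saying why; if it cannot, drop the ternary. Because the username comes from the client, a test that passes a name containing control characters and one longer than `USERNAME_MAX_LEN`, then checks the resulting exception message, would pin down the sanitizing behaviour.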

Review Comment:
   Why do we handle null `username` here? The previous invocation of 
`Utils.sanitizeString` does not.



##########
clients/src/main/java/org/apache/kafka/common/security/scram/internals/ScramSaslServer.java:
##########
@@ -116,7 +118,7 @@ public byte[] evaluateResponse(byte[] response) throws 
SaslException, SaslAuthen
                             credentialCallback = tokenCallback;
                             callbackHandler.handle(new 
Callback[]{nameCallback, tokenCallback});
                             if (tokenCallback.tokenOwner() == null)
-                                throw new SaslException("Token Authentication 
failed: Invalid tokenId : " + username);
+                                throw new SaslException("Token Authentication 
failed: Invalid tokenId : " + Utils.sanitizeString(username, USERNAME_MAX_LEN));
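
Review bot: the message on the `+` line still reads `Invalid tokenId : ` while the value appended is `username`, so someone reading the log cannot tell which of the two is being reported. Name the field for what it is and drop the space before the colon. `username` is also passed to `Utils.sanitizeString` here without a null check, so either confirm it is always set on this path or make the helper tolerate null.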

Review Comment:
   How about "Token Authentication failed: Invalid tokenId from username "



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
