cmccabe commented on a change in pull request #10550:
URL: https://github.com/apache/kafka/pull/10550#discussion_r630598753
##########
File path: tests/kafkatest/services/kafka/kafka.py
##########
@@ -863,7 +878,7 @@ def kafka_configs_cmd_with_optional_security_settings(self,
node, force_use_zk_c
# configure JAAS to provide the typical client credentials
jaas_conf_prop = KafkaService.JAAS_CONF_PROPERTY
use_inter_broker_mechanism_for_client = False
- optional_jass_krb_system_props_prefix = "KAFKA_OPTS='-D%s -D%s' "
% (jaas_conf_prop, KafkaService.KRB5_CONF)
+ optional_jass_krb_system_props_prefix = "KAFKA_OPTS='-D%s -D%s' "
% (jaas_conf_prop, KafkaService.KRB5_CONF) if security_protocol_to_use != "SSL"
else ""
Review comment:
I'm confused by the logic here. If we have security_protocol==SSL then
we do not define the jaas properties in KAFKA_OPTS? Seems a bit weird -- why
define this when we're using PLAINTEXT or when we're using SASL_SSL, but not
when using SSL? Can you add a comment about how this works?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
