Hi Team, I have implemented Basic auth validation for Kafka Connect REST Interface. I noticed that the worker process needs the password file only till the time first query is made to the REST Interface. Post the first query even if we delete the file containing password , we can keep querying the REST interface without any issues.
e.g. 1.Start the distributed worker. 2.Make a query like curl --user <username> -k https:// <host>:<port>/connectors 3.Delete the password file specified in the Jaas config 4.Make another query with curl and the output is still delivered. On the other hand : 1.Start the distributed worker. 2.Delete the password file specified in the Jaas config 3. Make a query like curl --user <username> -k https://<host>:<port>/connectors 4. user unauthorized error comes up. What I feel is that the REST Interface caches the credentials post the first time any query is made to the worker and then uses the same till the lifetime of the worker process.* Could you please validate this understanding* *MY CONFIG DETAILS ARE BELOW* *Updating below in the distributed worker : * rest.extension.classes=org.apache.kafka.connect.rest.basic.auth.extension.BasicAuthSecurityRestExtension *and creating a jaas config * KafkaConnect { org.apache.kafka.connect.rest.basic.auth.extension.PropertyFileLoginModule required file="connect.password"; }; *Updating userid password in the file connect.password * Regards Ashish