Hello, When trying to connect our Kafka client to an Azure Event Hub via SASL_SSL we encounter an error in the authentication process.
IllegalSaslStateException: Invalid SASL mechanism response, server may be expecting a different protocol at 2020-08-07T05:03:16.072637487Z, trace: org.apache.kafka.common.errors.IllegalSaslStateException: Invalid SASL mechanism response, server may be expecting a different protocol Caused by: org.apache.kafka.common.protocol.types.SchemaException: Error reading field auth_bytes: Bytes size -1 cannot be negative at org.apache.kafka.common.protocol.types.Schema.read(Schema.java:110) at org.apache.kafka.common.protocol.ApiKeys.parseResponse(ApiKeys.java:313) at org.apache.kafka.clients.NetworkClient.parseStructMaybeUpdateThrottleTimeMetrics(NetworkClient.java:725) at org.apache.kafka.clients.NetworkClient.parseResponse(NetworkClient.java:712) at org.apache.kafka.common.security.authenticator.SaslClientAuthenticator.receiveKafkaResponse(SaslClientAuthenticator.java:523) at org.apache.kafka.common.security.authenticator.SaslClientAuthenticator.receiveToken(SaslClientAuthenticator.java:457) at org.apache.kafka.common.security.authenticator.SaslClientAuthenticator.authenticate(SaslClientAuthenticator.java:266) at org.apache.kafka.common.network.KafkaChannel.prepare(KafkaChannel.java:177) at org.apache.kafka.common.network.Selector.pollSelectionKeys(Selector.java:547) at org.apache.kafka.common.network.Selector.poll(Selector.java:485) at org.apache.kafka.clients.NetworkClient.poll(NetworkClient.java:549) at org.apache.kafka.clients.producer.internals.Sender.runOnce(Sender.java:324) at org.apache.kafka.clients.producer.internals.Sender.run(Sender.java:239) at java.base/java.lang.Thread.run(Thread.java:836) It seems like auth_bytes is incorrect in the token response from Event Hub. Previously when using the client 2.1.1 the connections were working. The sasl configuration with which we’re connecting seems correct to me and was working on the 2.1.1 client as well: bootstrap.servers=XXX.servicebus.windows.net:9093 security.protocol=SASL_SSL sasl.mechanism=PLAIN sasl.jaas.config=org.apache.kafka.common.security.plain.PlainLoginModule required username="$ConnectionString" password="Endpoint=sb://XXXX.servicebus.windows.net/;SharedAccessKeyName=RootManageSharedAccessKey;SharedAccessKey=**************************"; Were there some changes since 2.1.1, which could cause something like that?/ Is this error known to you? Best regards David Schwilk Bosch IoT Things- Product Area IoT Platform (IOC/PAP-TH) Bosch.IO GmbH | Ziegelei 7 | 88090 Immenstaad | GERMANY | www.bosch.io david.schw...@bosch-si.com<mailto:david.schw...@bosch-si.com> Sitz: Berlin, Registergericht: Amtsgericht Charlottenburg; HRB 148411 B Aufsichtsratsvorsitzender: Dr.-Ing. Thorsten Lücke; Geschäftsführung: Dr. Stefan Ferber, Dr. Aleksandar Mitrovic, Yvonne Reckling