You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jira@kafka.apache.org by "Stefan Bejan (Jira)" <ji...@apache.org> on 2020/11/13 07:21:00 UTC
[jira] [Created] (KAFKA-10717) ACL authorization log when consumer
requires all topics
Stefan Bejan created KAFKA-10717:
------------------------------------
Summary: ACL authorization log when consumer requires all topics
Key: KAFKA-10717
URL: https://issues.apache.org/jira/browse/KAFKA-10717
Project: Kafka
Issue Type: Improvement
Components: log
Affects Versions: 2.5.1
Environment: kafka 2.5.1
.net confluent consumer (nuget 1.5.2)
Reporter: Stefan Bejan
When a consumer requires metadata (describe) on all the topics - for example on startup, it receives information about the topics it has access to, in accordance with its ACL permissions, as expected.
However, the kafka broker logs that the user is not authorized to describe all the other topics. If there is a large number of topics in the system and one particular user has describe access to a small subset, a lot of entries are inserted in {{kafka-authorizer.log}} file. Moreover, this happens for each consumer, each time they refresh the metadata (by default, each 5 minutes).
This issue has been reproduced using Confluent .NET consumer ([https://github.com/confluentinc/confluent-kafka-dotnet/issues/1457]) and using a client connection from Kafka Tool 2.0.8.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)