You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jira@kafka.apache.org by "Rajini Sivaram (Jira)" <ji...@apache.org> on 2021/05/05 15:40:00 UTC
[jira] [Updated] (KAFKA-12730) A single Kerberos login failure
fails all future connections from Java 9 onwards
[ https://issues.apache.org/jira/browse/KAFKA-12730?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Rajini Sivaram updated KAFKA-12730:
-----------------------------------
Fix Version/s: 2.8.1
2.7.2
2.6.3
2.5.2
> A single Kerberos login failure fails all future connections from Java 9 onwards
> --------------------------------------------------------------------------------
>
> Key: KAFKA-12730
> URL: https://issues.apache.org/jira/browse/KAFKA-12730
> Project: Kafka
> Issue Type: Bug
> Components: security
> Reporter: Rajini Sivaram
> Assignee: Rajini Sivaram
> Priority: Major
> Fix For: 3.0.0, 2.5.2, 2.6.3, 2.7.2, 2.8.1
>
>
> The refresh thread for Kerberos performs re-login by logging out and then logging in again. If login fails, we retry after a backoff. Every iteration of the loop performs loginContext.logout() and loginContext.login(). If login fails, we end up with two consecutive logouts. This used to work, but from Java 9 onwards, this results in a NullPointerException due to https://bugs.openjdk.java.net/browse/JDK-8173069. We should check if logout is required before attempting logout.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)