You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jira@kafka.apache.org by "Vyacheslav Boyko (Jira)" <ji...@apache.org> on 2021/10/06 10:39:00 UTC
[jira] [Updated] (KAFKA-13352) Kafka Client does not support
passwords starting with number in jaas config
[ https://issues.apache.org/jira/browse/KAFKA-13352?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Vyacheslav Boyko updated KAFKA-13352:
-------------------------------------
Description:
I'm trying to connect to Kafka with Apache Camel's component.
I have SASL JAAS CONFIG param as:
{code:java}
"org.apache.kafka.common.security.plain.PlainLoginModule required username=pf_kafka_card-products password=8GMf0yWkLHrI4cNYYoyHGxclkXCLSCGJ;" {code}
And I faced an issue during my application starts:
{code:java}
Caused by: java.lang.IllegalArgumentException: Value not specified for key 'password' in JAAS config {code}
I have tried to inspect this issue. I prepared a block of code to reproduce it (Original code is in JaasConfig.java in kafka-clients-...jar). Here it is:
{code:java}
public static void main(String[] args) {
String test = "org.apache.kafka.common.security.plain.PlainLoginModule required username=pf_kafka_card-products password=8GMf0yWkLHrI4cNYYoyHGxclkXCLSCGJ;";
testJaasConfig(test);
//SpringApplication.run(CardApplication.class, args);
}
private static void testJaasConfig(String config) {
StreamTokenizer tokenizer = new StreamTokenizer(new StringReader(config));
tokenizer.slashSlashComments(true);
tokenizer.slashStarComments(true);
tokenizer.wordChars('-', '-');
tokenizer.wordChars('_', '_');
tokenizer.wordChars('$', '$');
tokenizer.wordChars('0', '9');
List<AppConfigurationEntry> configEntries;
try {
configEntries = new ArrayList<>();
while (tokenizer.nextToken() != StreamTokenizer.TT_EOF) {
configEntries.add(parseAppConfigurationEntry(tokenizer));
}
if (configEntries.isEmpty())
throw new IllegalArgumentException("Login module not specified in JAAS config");
} catch (IOException e) {
throw new KafkaException("Unexpected exception while parsing JAAS config");
}
}
private static AppConfigurationEntry parseAppConfigurationEntry(StreamTokenizer tokenizer) throws IOException {
String loginModule = tokenizer.sval;
if (tokenizer.nextToken() == StreamTokenizer.TT_EOF)
throw new IllegalArgumentException("Login module control flag not specified in JAAS config");
AppConfigurationEntry.LoginModuleControlFlag controlFlag = loginModuleControlFlag(tokenizer.sval);
Map<String, String> options = new HashMap<>();
while (tokenizer.nextToken() != StreamTokenizer.TT_EOF && tokenizer.ttype != ';') {
String key = tokenizer.sval;
if (tokenizer.nextToken() != '=' || tokenizer.nextToken() == StreamTokenizer.TT_EOF || tokenizer.sval == null)
throw new IllegalArgumentException("Value not specified for key '" + key + "' in JAAS config");
String value = tokenizer.sval;
options.put(key, value);
}
if (tokenizer.ttype != ';')
throw new IllegalArgumentException("JAAS config entry not terminated by semi-colon");
return new AppConfigurationEntry(loginModule, controlFlag, options);
}
private static AppConfigurationEntry.LoginModuleControlFlag loginModuleControlFlag(String flag) {
if (flag == null)
throw new IllegalArgumentException("Login module control flag is not available in the JAAS config");
AppConfigurationEntry.LoginModuleControlFlag controlFlag;
switch (flag.toUpperCase(Locale.ROOT)) {
case "REQUIRED":
controlFlag = AppConfigurationEntry.LoginModuleControlFlag.REQUIRED;
break;
case "REQUISITE":
controlFlag = AppConfigurationEntry.LoginModuleControlFlag.REQUISITE;
break;
case "SUFFICIENT":
controlFlag = AppConfigurationEntry.LoginModuleControlFlag.SUFFICIENT;
break;
case "OPTIONAL":
controlFlag = AppConfigurationEntry.LoginModuleControlFlag.OPTIONAL;
break;
default:
throw new IllegalArgumentException("Invalid login module control flag '" + flag + "' in JAAS config");
}
return controlFlag;
}
{code}
I have solved this issue by changing my password from
{code:java}
8GMf0yWkLHrI4cNYYoyHGxclkXCLSCGJ {code}
to
{code:java}
aaa {code}
This leads me to suggestion that Tokenizer interprets any leading digit as 'bad' symbol and it breaks to parse the whole line.
was:
I'm trying to connect to Kafka with Apache Camel's component.
I have SASL JAAS CONFIG param as:
{code:java}
"org.apache.kafka.common.security.plain.PlainLoginModule required username=pf_kafka_card-products password=8GMf0yWkLHrI4cNYYoyHGxclkXCLSCGJ;" {code}
And I faced an issue during my application starts:
{code:java}
Caused by: java.lang.IllegalArgumentException: Value not specified for key 'password' in JAAS config {code}
I have tried to inspect this issue. I prepared a block of code to reproduce it (Original code is in JaasConfig.java in kafka-client-*.*.jar). Here it is:
{code:java}
public static void main(String[] args) {
String test = "org.apache.kafka.common.security.plain.PlainLoginModule required username=pf_kafka_card-products password=8GMf0yWkLHrI4cNYYoyHGxclkXCLSCGJ;";
testJaasConfig(test);
//SpringApplication.run(CardApplication.class, args);
}
private static void testJaasConfig(String config) {
StreamTokenizer tokenizer = new StreamTokenizer(new StringReader(config));
tokenizer.slashSlashComments(true);
tokenizer.slashStarComments(true);
tokenizer.wordChars('-', '-');
tokenizer.wordChars('_', '_');
tokenizer.wordChars('$', '$');
tokenizer.wordChars('0', '9');
List<AppConfigurationEntry> configEntries;
try {
configEntries = new ArrayList<>();
while (tokenizer.nextToken() != StreamTokenizer.TT_EOF) {
configEntries.add(parseAppConfigurationEntry(tokenizer));
}
if (configEntries.isEmpty())
throw new IllegalArgumentException("Login module not specified in JAAS config");
} catch (IOException e) {
throw new KafkaException("Unexpected exception while parsing JAAS config");
}
}
private static AppConfigurationEntry parseAppConfigurationEntry(StreamTokenizer tokenizer) throws IOException {
String loginModule = tokenizer.sval;
if (tokenizer.nextToken() == StreamTokenizer.TT_EOF)
throw new IllegalArgumentException("Login module control flag not specified in JAAS config");
AppConfigurationEntry.LoginModuleControlFlag controlFlag = loginModuleControlFlag(tokenizer.sval);
Map<String, String> options = new HashMap<>();
while (tokenizer.nextToken() != StreamTokenizer.TT_EOF && tokenizer.ttype != ';') {
String key = tokenizer.sval;
if (tokenizer.nextToken() != '=' || tokenizer.nextToken() == StreamTokenizer.TT_EOF || tokenizer.sval == null)
throw new IllegalArgumentException("Value not specified for key '" + key + "' in JAAS config");
String value = tokenizer.sval;
options.put(key, value);
}
if (tokenizer.ttype != ';')
throw new IllegalArgumentException("JAAS config entry not terminated by semi-colon");
return new AppConfigurationEntry(loginModule, controlFlag, options);
}
private static AppConfigurationEntry.LoginModuleControlFlag loginModuleControlFlag(String flag) {
if (flag == null)
throw new IllegalArgumentException("Login module control flag is not available in the JAAS config");
AppConfigurationEntry.LoginModuleControlFlag controlFlag;
switch (flag.toUpperCase(Locale.ROOT)) {
case "REQUIRED":
controlFlag = AppConfigurationEntry.LoginModuleControlFlag.REQUIRED;
break;
case "REQUISITE":
controlFlag = AppConfigurationEntry.LoginModuleControlFlag.REQUISITE;
break;
case "SUFFICIENT":
controlFlag = AppConfigurationEntry.LoginModuleControlFlag.SUFFICIENT;
break;
case "OPTIONAL":
controlFlag = AppConfigurationEntry.LoginModuleControlFlag.OPTIONAL;
break;
default:
throw new IllegalArgumentException("Invalid login module control flag '" + flag + "' in JAAS config");
}
return controlFlag;
}
{code}
I have solved this issue by changing my password from
{code:java}
8GMf0yWkLHrI4cNYYoyHGxclkXCLSCGJ {code}
to
{code:java}
aaa {code}
This leads me to suggestion that Tokenizer interprets any leading digit as 'bad' symbol and it breaks to parse the whole line.
> Kafka Client does not support passwords starting with number in jaas config
> ---------------------------------------------------------------------------
>
> Key: KAFKA-13352
> URL: https://issues.apache.org/jira/browse/KAFKA-13352
> Project: Kafka
> Issue Type: Bug
> Affects Versions: 2.7.1
> Reporter: Vyacheslav Boyko
> Priority: Trivial
>
> I'm trying to connect to Kafka with Apache Camel's component.
> I have SASL JAAS CONFIG param as:
> {code:java}
> "org.apache.kafka.common.security.plain.PlainLoginModule required username=pf_kafka_card-products password=8GMf0yWkLHrI4cNYYoyHGxclkXCLSCGJ;" {code}
> And I faced an issue during my application starts:
> {code:java}
> Caused by: java.lang.IllegalArgumentException: Value not specified for key 'password' in JAAS config {code}
> I have tried to inspect this issue. I prepared a block of code to reproduce it (Original code is in JaasConfig.java in kafka-clients-...jar). Here it is:
> {code:java}
> public static void main(String[] args) {
> String test = "org.apache.kafka.common.security.plain.PlainLoginModule required username=pf_kafka_card-products password=8GMf0yWkLHrI4cNYYoyHGxclkXCLSCGJ;";
> testJaasConfig(test);
> //SpringApplication.run(CardApplication.class, args);
> }
> private static void testJaasConfig(String config) {
> StreamTokenizer tokenizer = new StreamTokenizer(new StringReader(config));
> tokenizer.slashSlashComments(true);
> tokenizer.slashStarComments(true);
> tokenizer.wordChars('-', '-');
> tokenizer.wordChars('_', '_');
> tokenizer.wordChars('$', '$');
> tokenizer.wordChars('0', '9');
> List<AppConfigurationEntry> configEntries;
> try {
> configEntries = new ArrayList<>();
> while (tokenizer.nextToken() != StreamTokenizer.TT_EOF) {
> configEntries.add(parseAppConfigurationEntry(tokenizer));
> }
> if (configEntries.isEmpty())
> throw new IllegalArgumentException("Login module not specified in JAAS config");
> } catch (IOException e) {
> throw new KafkaException("Unexpected exception while parsing JAAS config");
> }
> }
> private static AppConfigurationEntry parseAppConfigurationEntry(StreamTokenizer tokenizer) throws IOException {
> String loginModule = tokenizer.sval;
> if (tokenizer.nextToken() == StreamTokenizer.TT_EOF)
> throw new IllegalArgumentException("Login module control flag not specified in JAAS config");
> AppConfigurationEntry.LoginModuleControlFlag controlFlag = loginModuleControlFlag(tokenizer.sval);
> Map<String, String> options = new HashMap<>();
> while (tokenizer.nextToken() != StreamTokenizer.TT_EOF && tokenizer.ttype != ';') {
> String key = tokenizer.sval;
> if (tokenizer.nextToken() != '=' || tokenizer.nextToken() == StreamTokenizer.TT_EOF || tokenizer.sval == null)
> throw new IllegalArgumentException("Value not specified for key '" + key + "' in JAAS config");
> String value = tokenizer.sval;
> options.put(key, value);
> }
> if (tokenizer.ttype != ';')
> throw new IllegalArgumentException("JAAS config entry not terminated by semi-colon");
> return new AppConfigurationEntry(loginModule, controlFlag, options);
> }
> private static AppConfigurationEntry.LoginModuleControlFlag loginModuleControlFlag(String flag) {
> if (flag == null)
> throw new IllegalArgumentException("Login module control flag is not available in the JAAS config");
> AppConfigurationEntry.LoginModuleControlFlag controlFlag;
> switch (flag.toUpperCase(Locale.ROOT)) {
> case "REQUIRED":
> controlFlag = AppConfigurationEntry.LoginModuleControlFlag.REQUIRED;
> break;
> case "REQUISITE":
> controlFlag = AppConfigurationEntry.LoginModuleControlFlag.REQUISITE;
> break;
> case "SUFFICIENT":
> controlFlag = AppConfigurationEntry.LoginModuleControlFlag.SUFFICIENT;
> break;
> case "OPTIONAL":
> controlFlag = AppConfigurationEntry.LoginModuleControlFlag.OPTIONAL;
> break;
> default:
> throw new IllegalArgumentException("Invalid login module control flag '" + flag + "' in JAAS config");
> }
> return controlFlag;
> }
> {code}
> I have solved this issue by changing my password from
> {code:java}
> 8GMf0yWkLHrI4cNYYoyHGxclkXCLSCGJ {code}
> to
> {code:java}
> aaa {code}
> This leads me to suggestion that Tokenizer interprets any leading digit as 'bad' symbol and it breaks to parse the whole line.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)