You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jira@kafka.apache.org by "Stefan Bejan (Jira)" <ji...@apache.org> on 2020/11/26 12:48:00 UTC
[jira] [Updated] (KAFKA-10717) ACL authorization log when consumer
requires all topics
[ https://issues.apache.org/jira/browse/KAFKA-10717?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Stefan Bejan updated KAFKA-10717:
---------------------------------
Affects Version/s: 2.6.0
> ACL authorization log when consumer requires all topics
> -------------------------------------------------------
>
> Key: KAFKA-10717
> URL: https://issues.apache.org/jira/browse/KAFKA-10717
> Project: Kafka
> Issue Type: Improvement
> Components: log
> Affects Versions: 2.6.0, 2.5.1
> Environment: kafka 2.5.1
> .net confluent consumer (nuget 1.5.2)
> Reporter: Stefan Bejan
> Priority: Minor
>
> When a consumer requires metadata (describe) on all the topics - for example on startup, it receives information about the topics it has access to, in accordance with its ACL permissions, as expected.
> However, the kafka broker logs that the user is not authorized to describe all the other topics. If there is a large number of topics in the system and one particular user has describe access to a small subset, a lot of entries are inserted in {{kafka-authorizer.log}} file. Moreover, this happens for each consumer, each time they refresh the metadata (by default, each 5 minutes).
> This issue has been reproduced using Confluent .NET consumer ([https://github.com/confluentinc/confluent-kafka-dotnet/issues/1457]) and using a client connection from Kafka Tool 2.0.8.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)