You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@kafka.apache.org by "Jason Gustafson (JIRA)" <ji...@apache.org> on 2019/06/12 22:07:00 UTC

[jira] [Created] (KAFKA-8530) Consumer should handle authorization errors in OffsetFetch

Jason Gustafson created KAFKA-8530:
--------------------------------------

             Summary: Consumer should handle authorization errors in OffsetFetch
                 Key: KAFKA-8530
                 URL: https://issues.apache.org/jira/browse/KAFKA-8530
             Project: Kafka
          Issue Type: Bug
          Components: consumer
            Reporter: Jason Gustafson
            Assignee: Jason Gustafson


Found this in a test failure:
{code:java}
10:40:43 kafka.api.PlaintextEndToEndAuthorizationTest > testNoConsumeWithoutDescribeAclViaSubscribe FAILED
10:40:43 java.lang.Exception: Unexpected exception, expected<org.apache.kafka.common.errors.TopicAuthorizationException> but was<org.apache.kafka.common.KafkaException>
10:40:43
10:40:43 Caused by:
10:40:43 org.apache.kafka.common.KafkaException: Unexpected error in fetch offset response for partition e2etopic-0: Not authorized to access topics: [Topic authorization failed.]{code}
The problem is that we are not checking for authorization errors in the offset fetch response. Rather than throwing {{TopicAuthorizationException}}, we currently raise a plain {{KafkaException}}. The test case works most of the time because we usually see the authorization error when the first Metadata request is sent. It's unclear why that didn't happen here. Possibly there is a race condition setting the initial ACLs.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)