You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@kafka.apache.org by "Jason Gustafson (JIRA)" <ji...@apache.org> on 2019/06/12 22:07:00 UTC
[jira] [Created] (KAFKA-8530) Consumer should handle authorization
errors in OffsetFetch
Jason Gustafson created KAFKA-8530:
--------------------------------------
Summary: Consumer should handle authorization errors in OffsetFetch
Key: KAFKA-8530
URL: https://issues.apache.org/jira/browse/KAFKA-8530
Project: Kafka
Issue Type: Bug
Components: consumer
Reporter: Jason Gustafson
Assignee: Jason Gustafson
Found this in a test failure:
{code:java}
10:40:43 kafka.api.PlaintextEndToEndAuthorizationTest > testNoConsumeWithoutDescribeAclViaSubscribe FAILED
10:40:43 java.lang.Exception: Unexpected exception, expected<org.apache.kafka.common.errors.TopicAuthorizationException> but was<org.apache.kafka.common.KafkaException>
10:40:43
10:40:43 Caused by:
10:40:43 org.apache.kafka.common.KafkaException: Unexpected error in fetch offset response for partition e2etopic-0: Not authorized to access topics: [Topic authorization failed.]{code}
The problem is that we are not checking for authorization errors in the offset fetch response. Rather than throwing {{TopicAuthorizationException}}, we currently raise a plain {{KafkaException}}. The test case works most of the time because we usually see the authorization error when the first Metadata request is sent. It's unclear why that didn't happen here. Possibly there is a race condition setting the initial ACLs.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)