Posted to dev@kafka.apache.org by "Dustin Cote (JIRA)" <ji...@apache.org> on 2017/09/29 12:38:01 UTC

[jira] [Created] (KAFKA-5994) Improve transparency of broker user ACL misconfigurations

Dustin Cote created KAFKA-5994:
----------------------------------

             Summary: Improve transparency of broker user ACL misconfigurations
                 Key: KAFKA-5994
                 URL: https://issues.apache.org/jira/browse/KAFKA-5994
             Project: Kafka
          Issue Type: Improvement
          Components: security
    Affects Versions: 0.10.2.1
            Reporter: Dustin Cote


When the user for inter-broker communication is not a super user and ACLs are configured with `allow.everyone.if.no.acl.found=false`, the cluster will not serve data. This is extremely confusing to debug because there is no security negotiation problem or indication of an error other than that no data can make it in or out of the broker. If one knew to look in the authorizer log, it would be more clear, but that didn't make it into my workflow at least. Here's an example of a problematic debugging scenario:

SASL_SSL, SSL, SASL_PLAINTEXT ports on the brokers
SASL user specified in `super.users`
SSL specified as the inter-broker protocol

The only way I could figure out ACLs were an issue without gleaning it through configuration inspection was that controlled shutdown indicated that a cluster action had failed. 

It would be good if we could be more transparent about the failure here. 



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
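
Added example (not part of the original message and not Kafka project code): a static check of a broker's server.properties for the condition the report describes, where the inter-broker principal is not in `super.users` while `allow.everyone.if.no.acl.found` is false. The sample properties, the principal names and the function names are constructed, and the operator is assumed to supply the principal the authorizer sees on the inter-broker listener.

```python
# Constructed sample mirroring the scenario in the report: three listeners,
# a SASL user in super.users, SSL as the inter-broker protocol.
SAMPLE_PROPS = """\
listeners=SASL_SSL://:9093,SSL://:9094,SASL_PLAINTEXT://:9095
authorizer.class.name=kafka.security.auth.SimpleAclAuthorizer
security.inter.broker.protocol=SSL
super.users=User:kafka
"""

def parse_properties(text):
    """Parse simple key=value lines, skipping blanks and # / ! comments."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in "#!":
            continue
        key, _, value = line.partition("=")
        props[key.strip()] = value.strip()
    return props

def check_inter_broker_acl(text, inter_broker_principal):
    """Return warnings when the inter-broker principal is not a super user.

    inter_broker_principal is an operator-supplied assumption: for SSL it is
    "User:<certificate DN>", for SASL it is "User:<authenticated name>".
    """
    props = parse_properties(text)
    if not props.get("authorizer.class.name"):
        return []  # no authorizer configured, so ACLs are not enforced
    # super.users is ';'-separated because certificate DNs contain commas.
    supers = {u.strip() for u in props.get("super.users", "").split(";") if u.strip()}
    allow_all = props.get("allow.everyone.if.no.acl.found", "false").lower() == "true"
    protocol = props.get("security.inter.broker.protocol", "PLAINTEXT")
    warnings = []
    if inter_broker_principal not in supers and not allow_all:
        # ACLs live outside this file, so this can only flag the dependency.
        warnings.append(
            f"inter-broker principal {inter_broker_principal!r} ({protocol}) is not in "
            f"super.users {sorted(supers)} and allow.everyone.if.no.acl.found is false: "
            "inter-broker requests need explicit ACLs or they will be denied"
        )
    return warnings

if __name__ == "__main__":
    for w in check_inter_broker_acl(SAMPLE_PROPS, "User:CN=broker1.example.com,OU=ops"):
        print("WARNING:", w)
```

The check cannot see ACLs stored outside the properties file, so a warning means the broker depends on explicit ACLs for its own principal; the authorizer log remains the place to confirm actual denials.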