Posted to jira@kafka.apache.org by "Gérald Quintana (Jira)" <ji...@apache.org> on 2020/10/15 05:48:00 UTC

[jira] [Updated] (KAFKA-10615) Plain authentication failure log detail

     [ https://issues.apache.org/jira/browse/KAFKA-10615?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Gérald Quintana updated KAFKA-10615:
------------------------------------
    Summary: Plain authentication failure log detail  (was: Authentication failure log detail)

> Plain authentication failure log detail
> ---------------------------------------
>
>                 Key: KAFKA-10615
>                 URL: https://issues.apache.org/jira/browse/KAFKA-10615
>             Project: Kafka
>          Issue Type: Improvement
>          Components: security
>    Affects Versions: 2.4.1
>            Reporter: Gérald Quintana
>            Priority: Major
>
> When using the PlainLoginModule and a client application is providing a wrong password, you get endless error logs telling:
> {code:java}
> [2020-10-15 07:00:05,263] INFO [SocketServer brokerId=4] Failed authentication with myhost.mycompany.fr/192.168.35.194 (Authentication failed: Invalid username or password) (org.apache.kafka.common.network.Selector)
> [2020-10-15 07:00:06,400] INFO [SocketServer brokerId=4] Failed authentication with myhost.mycompany.fr/192.168.35.194 (Authentication failed: Invalid username or password) (org.apache.kafka.common.network.Selector){code}
>  
> When this client is running in Kubernetes the hostname and IP have no meaning because they represent the Kubernetes host. So it's very hard for us to find the misconfigured application.
> I'd like to have the username in the error message so as to make it easier to find the source of the error.
> From a security point of view it may be interesting to know that a given user is used to brute force a password or may have been pwned.
> It seems easy to do it in [https://github.com/apache/kafka/blob/trunk/clients/src/main/java/org/apache/kafka/common/security/plain/internals/PlainSaslServer.java#L107]
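The following script is an added illustration of the reporter's point, not code from the Kafka project or from the issue. It parses broker log lines of the exact shape quoted above and aggregates failures per source host/IP (all the current message allows) and per SASL username. The `for user <name>` suffix it also accepts is an assumed, hypothetical message format used only to show what a per-user count would look like; Kafka's real message wording after any fix may differ. The sample log lines are constructed (the first two copy the shape from the issue; the rest use the hypothetical suffix and a made-up Kubernetes node name).

```python
"""Aggregate Kafka broker authentication-failure log lines per source and per user.

Added example for KAFKA-10615; not Kafka's own code. Shows why a per-host count is
of little use when many pods share one Kubernetes node, while a per-user count
(assuming a hypothetical message that carries the SASL username) points at the
misconfigured client or at a username being brute-forced.
"""
import re
from collections import Counter

# Matches the Selector log line quoted in the issue. The optional
# " for user <name>" suffix is an ASSUMED format, not Kafka's actual message.
LOG_RE = re.compile(
    r"^\[(?P<ts>[^\]]+)\] INFO \[SocketServer brokerId=(?P<broker>\d+)\] "
    r"Failed authentication with (?P<host>[^/\s]+)/(?P<ip>[\d.]+) "
    r"\(Authentication failed: (?P<reason>[^()]*?)"
    r"(?: for user (?P<user>[^()\s]+))?\) "
    r"\(org\.apache\.kafka\.common\.network\.Selector\)$"
)


def parse_line(line):
    """Return the fields of one failed-authentication line as a dict, or None."""
    m = LOG_RE.match(line.strip())
    return m.groupdict() if m else None


def failures_by_source(lines):
    """Count failures per host/IP, which is all the current message allows."""
    counts = Counter()
    for line in lines:
        rec = parse_line(line)
        if rec:
            counts[f"{rec['host']}/{rec['ip']}"] += 1
    return counts


def failures_by_user(lines):
    """Count failures per SASL username; lines without one fall under '<unknown>'."""
    counts = Counter()
    for line in lines:
        rec = parse_line(line)
        if rec:
            counts[rec["user"] or "<unknown>"] += 1
    return counts


def suspicious(counts, threshold):
    """Keys whose failure count reaches the threshold, highest count first."""
    return sorted(((k, n) for k, n in counts.items() if n >= threshold),
                  key=lambda kv: -kv[1])


# Constructed sample: the first two lines copy the shape quoted in the issue; the
# others use the hypothetical "for user" suffix. The last line is unrelated noise.
SAMPLE_LINES = [
    "[2020-10-15 07:00:05,263] INFO [SocketServer brokerId=4] Failed authentication with myhost.mycompany.fr/192.168.35.194 (Authentication failed: Invalid username or password) (org.apache.kafka.common.network.Selector)",
    "[2020-10-15 07:00:06,400] INFO [SocketServer brokerId=4] Failed authentication with myhost.mycompany.fr/192.168.35.194 (Authentication failed: Invalid username or password) (org.apache.kafka.common.network.Selector)",
    "[2020-10-15 07:00:07,100] INFO [SocketServer brokerId=4] Failed authentication with k8s-node-1.example.invalid/10.0.0.7 (Authentication failed: Invalid username or password for user billing-svc) (org.apache.kafka.common.network.Selector)",
    "[2020-10-15 07:00:08,100] INFO [SocketServer brokerId=4] Failed authentication with k8s-node-1.example.invalid/10.0.0.7 (Authentication failed: Invalid username or password for user billing-svc) (org.apache.kafka.common.network.Selector)",
    "[2020-10-15 07:00:09,100] INFO [SocketServer brokerId=4] Failed authentication with k8s-node-1.example.invalid/10.0.0.7 (Authentication failed: Invalid username or password for user reporting-svc) (org.apache.kafka.common.network.Selector)",
    "[2020-10-15 07:00:10,100] INFO [SocketServer brokerId=4] Some unrelated broker message",
]

if __name__ == "__main__":
    print("by source:", failures_by_source(SAMPLE_LINES))
    print("by user:  ", failures_by_user(SAMPLE_LINES))
    print("users at or above 2 failures:", suspicious(failures_by_user(SAMPLE_LINES), 2))
```

With the constructed sample, the per-source view shows three failures from one Kubernetes node that could belong to any pod on it, while the per-user view separates the two failures of `billing-svc` from the single failure of `reporting-svc`; a threshold on the per-user count is what makes a repeated-failure alert actionable.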



--
This message was sent by Atlassian Jira
(v8.3.4#803005)