Uploaded image for project: 'Kafka'
  1. Kafka
  2. KAFKA-14135

KafkaConfig value sasl.server.callback.handler.class is set to null even when custom class is used

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Open
    • Major
    • Resolution: Unresolved
    • 3.2.0
    • None
    • config, security
    • None

    Description

      As mentioned in the summary, the value `sasl.server.callback.handler.class` is set to `null` in the terminal printout of the KafkaConfig object, even though a custom handler class has been configured, and has been confirmed to be used by Kafka (by testing the callback's behavior).

       

      This issue can (has) lead to hours of unnecessary debugging, as well as potential security issues, since not knowing if your brokers are using, for example, the insecure SASL/OAUTHBEARER default handler bundled with Kafka, or some custom implementation, can lead to security breaches.

      Attachments

        1. ServerPropertiesPartial.png
          12 kB
          Gábor Nagy
        2. KafkaConfigPrintoutPartial.png
          75 kB
          Gábor Nagy

        Activity

          People

            Unassigned Unassigned
            CreativeCookie Gábor Nagy
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated: