
Plain authentication failure log detail


Details

    • Type: Improvement
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 2.4.1
    • Fix Version/s: None
    • Component/s: security
    • Labels: None

    Description

      When using the PlainLoginModule and a client application is providing a wrong password, you get endless error logs telling:

      [2020-10-15 07:00:05,263] INFO [SocketServer brokerId=4] Failed authentication with myhost.mycompany.fr/192.168.35.194 (Authentication failed: Invalid username or password) (org.apache.kafka.common.network.Selector)
      [2020-10-15 07:00:06,400] INFO [SocketServer brokerId=4] Failed authentication with myhost.mycompany.fr/192.168.35.194 (Authentication failed: Invalid username or password) (org.apache.kafka.common.network.Selector)


      When this client is running in Kubernetes the hostname and IP have no meaning because they represent the Kubernetes host. So it's very hard for us to find the misconfigured application.

      I'd like to have the username in the error message so as to make it easier to find the source of the error.

      From a security point of view it may be interesting to know that a given user is used to brute force a password or may have been pwned.

      It seems easy to do it in https://github.com/apache/kafka/blob/trunk/clients/src/main/java/org/apache/kafka/common/security/plain/internals/PlainSaslServer.java#L107
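Until the username is logged, the only handle a defender has is the source host/IP in the Selector line. The following is an added example (not part of the issue or of Kafka) that parses that exact log format and flags sources that exceed a failure threshold within a time window; the sample log lines beyond the two quoted above, the window and the threshold are constructed for illustration.

```python
import re
from datetime import datetime

# Shape of the broker-side log line quoted in the issue (INFO level, Selector logger).
LOG_RE = re.compile(
    r"^\[(?P<ts>[^\]]+)\] INFO \[SocketServer brokerId=(?P<broker>\d+)\] "
    r"Failed authentication with (?P<host>[^/ ]*)/(?P<ip>[\d.]+) "
    r"\((?P<reason>[^)]*)\) \(org\.apache\.kafka\.common\.network\.Selector\)$"
)

# Constructed sample: the two lines from the issue plus two made-up ones.
SAMPLE_LOG = """\
[2020-10-15 07:00:05,263] INFO [SocketServer brokerId=4] Failed authentication with myhost.mycompany.fr/192.168.35.194 (Authentication failed: Invalid username or password) (org.apache.kafka.common.network.Selector)
[2020-10-15 07:00:06,400] INFO [SocketServer brokerId=4] Failed authentication with myhost.mycompany.fr/192.168.35.194 (Authentication failed: Invalid username or password) (org.apache.kafka.common.network.Selector)
[2020-10-15 07:00:07,512] INFO [SocketServer brokerId=4] Failed authentication with myhost.mycompany.fr/192.168.35.194 (Authentication failed: Invalid username or password) (org.apache.kafka.common.network.Selector)
[2020-10-15 07:00:30,000] INFO [SocketServer brokerId=4] Failed authentication with /10.0.0.7 (Authentication failed: Invalid username or password) (org.apache.kafka.common.network.Selector)
"""


def parse_line(line):
    """Return the parsed fields of one Selector failure line, or None if it does not match."""
    m = LOG_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], "%Y-%m-%d %H:%M:%S,%f")
    return rec


def flag_sources(lines, window_seconds, threshold):
    """Map (host, ip) -> peak failure count for sources that reach `threshold`
    failures inside any sliding window of `window_seconds`."""
    by_source = {}
    for rec in filter(None, map(parse_line, lines)):
        by_source.setdefault((rec["host"], rec["ip"]), []).append(rec["ts"])
    flagged = {}
    for src, stamps in by_source.items():
        stamps.sort()
        peak, start = 0, 0
        for end in range(len(stamps)):
            # advance the window start until all stamps fit in the window
            while (stamps[end] - stamps[start]).total_seconds() > window_seconds:
                start += 1
            peak = max(peak, end - start + 1)
        if peak >= threshold:
            flagged[src] = peak
    return flagged


if __name__ == "__main__":
    print(flag_sources(SAMPLE_LOG.splitlines(), window_seconds=60, threshold=3))
```

Unresolved sources appear with an empty host (as in the constructed `/10.0.0.7` line), which the parser accepts; on Kubernetes the key will still collapse to the node, which is exactly the limitation the issue describes.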

      People

        Assignee: Unassigned
        Reporter: Gérald Quintana (gquintana)