[KAFKA-8530] Consumer should handle authorization errors in OffsetFetch - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 2.4.0, 2.3.1
Component/s: consumer
Labels:
None

Description

Found this in a test failure:

10:40:43 kafka.api.PlaintextEndToEndAuthorizationTest > testNoConsumeWithoutDescribeAclViaSubscribe FAILED
10:40:43 java.lang.Exception: Unexpected exception, expected<org.apache.kafka.common.errors.TopicAuthorizationException> but was<org.apache.kafka.common.KafkaException>
10:40:43
10:40:43 Caused by:
10:40:43 org.apache.kafka.common.KafkaException: Unexpected error in fetch offset response for partition e2etopic-0: Not authorized to access topics: [Topic authorization failed.]

The problem is that we are not checking for authorization errors in the offset fetch response. Rather than throwing TopicAuthorizationException, we currently raise a plain KafkaException. The test case works most of the time because we usually see the authorization error when the first Metadata request is sent. It's unclear why that didn't happen here. Possibly there is a race condition setting the initial ACLs.

Attachments

Issue Links

links to

GitHub Pull Request #6928

Activity

People

Assignee:: Jason Gustafson

Reporter:: Jason Gustafson

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 12/Jun/19 22:06

Updated:: 16/Jul/19 14:09

Resolved:: 14/Jun/19 15:16