Uploaded image for project: 'Kafka'
  1. Kafka
  2. KAFKA-9187

kafka.api.SaslGssapiSslEndToEndAuthorizationTest.testNoDescribeProduceOrConsumeWithoutTopicDescribeAcl

    XMLWordPrintableJSON

Details

    • Test
    • Status: Reopened
    • Major
    • Resolution: Unresolved
    • None
    • 2.4.0
    • core

    Description

      Failed in https://builds.apache.org/job/kafka-pr-jdk8-scala2.11/26593/

       

      Error Messageorg.scalatest.exceptions.TestFailedException: Consumed 0 records before timeout instead of the expected 1 recordsStacktraceorg.scalatest.exceptions.TestFailedException: Consumed 0 records before timeout instead of the expected 1 records
	at org.scalatest.Assertions$class.newAssertionFailedException(Assertions.scala:530)
	at org.scalatest.Assertions$.newAssertionFailedException(Assertions.scala:1389)
	at org.scalatest.Assertions$class.fail(Assertions.scala:1091)
	at org.scalatest.Assertions$.fail(Assertions.scala:1389)
	at kafka.utils.TestUtils$.waitUntilTrue(TestUtils.scala:842)
	at kafka.utils.TestUtils$.pollRecordsUntilTrue(TestUtils.scala:793)
	at kafka.utils.TestUtils$.pollUntilAtLeastNumRecords(TestUtils.scala:1334)
	at kafka.utils.TestUtils$.consumeRecords(TestUtils.scala:1343)
	at kafka.api.EndToEndAuthorizationTest.consumeRecords(EndToEndAuthorizationTest.scala:530)
	at kafka.api.EndToEndAuthorizationTest.testNoDescribeProduceOrConsumeWithoutTopicDescribeAcl(EndToEndAuthorizationTest.scala:369)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:498)
	at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:59)
	at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12)
	at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:56)
	at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17)
	at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:26)
	at org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:27)
	at org.junit.runners.ParentRunner$3.evaluate(ParentRunner.java:305)
	at org.junit.runners.BlockJUnit4ClassRunner$1.evaluate(BlockJUnit4ClassRunner.java:100)
	at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:365)
	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:103)
	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:63)
	at org.junit.runners.ParentRunner$4.run(ParentRunner.java:330)
	at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:78)
	at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:328)
	at org.junit.runners.ParentRunner.access$100(ParentRunner.java:65)
	at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:292)
	at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:26)
	at org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:27)
	at org.junit.runners.ParentRunner$3.evaluate(ParentRunner.java:305)
	at org.junit.runners.ParentRunner.run(ParentRunner.java:412)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.runTestClass(JUnitTestClassExecutor.java:110)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:58)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:38)
	at org.gradle.api.internal.tasks.testing.junit.AbstractJUnitTestClassProcessor.processTestClass(AbstractJUnitTestClassProcessor.java:62)
	at org.gradle.api.internal.tasks.testing.SuiteTestClassProcessor.processTestClass(SuiteTestClassProcessor.java:51)
	at sun.reflect.GeneratedMethodAccessor12.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:498)
	at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:36)
	at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:24)
	at org.gradle.internal.dispatch.ContextClassLoaderDispatch.dispatch(ContextClassLoaderDispatch.java:33)
	at org.gradle.internal.dispatch.ProxyDispatchAdapter$DispatchingInvocationHandler.invoke(ProxyDispatchAdapter.java:94)
	at com.sun.proxy.$Proxy2.processTestClass(Unknown Source)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker.processTestClass(TestWorker.java:118)
	at sun.reflect.GeneratedMethodAccessor11.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:498)
	at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:36)
	at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:24)
	at org.gradle.internal.remote.internal.hub.MessageHubBackedObjectConnection$DispatchWrapper.dispatch(MessageHubBackedObjectConnection.java:182)
	at org.gradle.internal.remote.internal.hub.MessageHubBackedObjectConnection$DispatchWrapper.dispatch(MessageHubBackedObjectConnection.java:164)
	at org.gradle.internal.remote.internal.hub.MessageHub$Handler.run(MessageHub.java:412)
	at org.gradle.internal.concurrent.ExecutorPolicy$CatchAndRecordFailures.onExecute(ExecutorPolicy.java:64)
	at org.gradle.internal.concurrent.ManagedExecutorImpl$1.run(ManagedExecutorImpl.java:48)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
	at org.gradle.internal.concurrent.ThreadFactoryImpl$ManagedThreadRunnable.run(ThreadFactoryImpl.java:56)
	at java.lang.Thread.run(Thread.java:748)
Standard OutputAdding ACLs for resource `ResourcePattern(resourceType=CLUSTER, name=kafka-cluster, patternType=LITERAL)`: 
 	(principal=User:kafka, host=*, operation=CLUSTER_ACTION, permissionType=ALLOW) 

Current ACLs for resource `Cluster:LITERAL:kafka-cluster`: 
 	User:kafka has Allow permission for operations: ClusterAction from hosts: * 

Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=*, patternType=LITERAL)`: 
 	(principal=User:kafka, host=*, operation=READ, permissionType=ALLOW) 

Current ACLs for resource `Topic:LITERAL:*`: 
 	User:kafka has Allow permission for operations: Read from hosts: * 

Debug is  true storeKey true useTicketCache false useKeyTab true doNotPrompt false ticketCache is null isInitiator true KeyTab is /tmp/kafka6956053092858073839.tmp refreshKrb5Config is false principal is kafka/localhost@EXAMPLE.COM tryFirstPass is false useFirstPass is false storePass is false clearPass is false
principal is kafka/localhost@EXAMPLE.COM
Will use keytab
Commit Succeeded 

Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=e2etopic, patternType=LITERAL)`: 
 	(principal=User:client, host=*, operation=DESCRIBE, permissionType=ALLOW)
	(principal=User:client, host=*, operation=CREATE, permissionType=ALLOW)
	(principal=User:client, host=*, operation=WRITE, permissionType=ALLOW) 

Current ACLs for resource `Topic:LITERAL:e2etopic`: 
 	User:client has Allow permission for operations: Describe from hosts: *
	User:client has Allow permission for operations: Create from hosts: *
	User:client has Allow permission for operations: Write from hosts: * 

Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=e2etopic, patternType=LITERAL)`: 
 	(principal=User:client, host=*, operation=DESCRIBE, permissionType=ALLOW)
	(principal=User:client, host=*, operation=READ, permissionType=ALLOW) 

Adding ACLs for resource `ResourcePattern(resourceType=GROUP, name=group, patternType=LITERAL)`: 
 	(principal=User:client, host=*, operation=READ, permissionType=ALLOW) 

Current ACLs for resource `Topic:LITERAL:e2etopic`: 
 	User:client has Allow permission for operations: Read from hosts: *
	User:client has Allow permission for operations: Describe from hosts: *
	User:client has Allow permission for operations: Create from hosts: *
	User:client has Allow permission for operations: Write from hosts: * 

Current ACLs for resource `Group:LITERAL:group`: 
 	User:client has Allow permission for operations: Read from hosts: * 

Debug is  true storeKey true useTicketCache false useKeyTab true doNotPrompt false ticketCache is null isInitiator true KeyTab is /tmp/kafka7544779694857809493.tmp refreshKrb5Config is false principal is client@EXAMPLE.COM tryFirstPass is false useFirstPass is false storePass is false clearPass is false
principal is client@EXAMPLE.COM
Will use keytab
Commit Succeeded 

Debug is  true storeKey true useTicketCache false useKeyTab true doNotPrompt false ticketCache is null isInitiator true KeyTab is /tmp/kafka7544779694857809493.tmp refreshKrb5Config is false principal is client2@EXAMPLE.COM tryFirstPass is false useFirstPass is false storePass is false clearPass is false
principal is client2@EXAMPLE.COM
Will use keytab
Commit Succeeded 

[2019-11-14 00:05:16,760] ERROR [Consumer clientId=consumer-group-64, groupId=group] Topic authorization failed for topics [e2etopic] (org.apache.kafka.clients.Metadata:283)
Adding ACLs for resource `ResourcePattern(resourceType=CLUSTER, name=kafka-cluster, patternType=LITERAL)`: 
 	(principal=User:kafka, host=*, operation=CLUSTER_ACTION, permissionType=ALLOW) 

Current ACLs for resource `Cluster:LITERAL:kafka-cluster`: 
 	User:kafka has Allow permission for operations: ClusterAction from hosts: * 

Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=*, patternType=LITERAL)`: 
 	(principal=User:kafka, host=*, operation=READ, permissionType=ALLOW) 

Current ACLs for resource `Topic:LITERAL:*`: 
 	User:kafka has Allow permission for operations: Read from hosts: * 

Debug is  true storeKey true useTicketCache false useKeyTab true doNotPrompt false ticketCache is null isInitiator true KeyTab is /tmp/kafka1164866442124187878.tmp refreshKrb5Config is false principal is kafka/localhost@EXAMPLE.COM tryFirstPass is false useFirstPass is false storePass is false clearPass is false
principal is kafka/localhost@EXAMPLE.COM
Will use keytab
Commit Succeeded 

Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=e2etopic, patternType=LITERAL)`: 
 	(principal=User:client, host=*, operation=DESCRIBE, permissionType=ALLOW)
	(principal=User:client, host=*, operation=CREATE, permissionType=ALLOW)
	(principal=User:client, host=*, operation=WRITE, permissionType=ALLOW) 

Current ACLs for resource `Topic:LITERAL:e2etopic`: 
 	User:client has Allow permission for operations: Describe from hosts: *
	User:client has Allow permission for operations: Create from hosts: *
	User:client has Allow permission for operations: Write from hosts: * 

Adding ACLs for resource `ResourcePattern(resourceType=GROUP, name=group, patternType=LITERAL)`: 
 	(principal=User:client, host=*, operation=READ, permissionType=ALLOW) 

Current ACLs for resource `Group:LITERAL:group`: 
 	User:client has Allow permission for operations: Read from hosts: * 

Debug is  true storeKey true useTicketCache false useKeyTab true doNotPrompt false ticketCache is null isInitiator true KeyTab is /tmp/kafka5859610215295612432.tmp refreshKrb5Config is false principal is client@EXAMPLE.COM tryFirstPass is false useFirstPass is false storePass is false clearPass is false
principal is client@EXAMPLE.COM
Will use keytab
Commit Succeeded 

Current ACLs for resource `Topic:LITERAL:e2etopic`: 
 	User:client has Allow permission for operations: Create from hosts: *
	User:client has Allow permission for operations: Write from hosts: * 

Current ACLs for resource `Topic:LITERAL:e2etopic`: 
 	User:client has Allow permission for operations: Create from hosts: * 

[2019-11-14 00:05:27,930] ERROR [Consumer clientId=consumer-group-65, groupId=group] Topic authorization failed for topics [e2etopic] (org.apache.kafka.clients.Metadata:283)
Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=e2etopic, patternType=LITERAL)`: 
 	(principal=User:client, host=*, operation=DESCRIBE, permissionType=ALLOW)
	(principal=User:client, host=*, operation=CREATE, permissionType=ALLOW)
	(principal=User:client, host=*, operation=WRITE, permissionType=ALLOW) 

Current ACLs for resource `Topic:LITERAL:e2etopic`: 
 	User:client has Allow permission for operations: Describe from hosts: *
	User:client has Allow permission for operations: Create from hosts: *
	User:client has Allow permission for operations: Write from hosts: * 

Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=e2etopic, patternType=LITERAL)`: 
 	(principal=User:client, host=*, operation=DESCRIBE, permissionType=ALLOW)
	(principal=User:client, host=*, operation=READ, permissionType=ALLOW) 

Adding ACLs for resource `ResourcePattern(resourceType=GROUP, name=group, patternType=LITERAL)`: 
 	(principal=User:client, host=*, operation=READ, permissionType=ALLOW) 

Current ACLs for resource `Topic:LITERAL:e2etopic`: 
 	User:client has Allow permission for operations: Read from hosts: *
	User:client has Allow permission for operations: Describe from hosts: *
	User:client has Allow permission for operations: Create from hosts: *
	User:client has Allow permission for operations: Write from hosts: * 

Current ACLs for resource `Group:LITERAL:group`: 
 	User:client has Allow permission for operations: Read from hosts: * 

[2019-11-14 00:05:28,437] ERROR [Consumer clientId=consumer-group-65, groupId=group] Topic authorization failed for topics [topic2] (org.apache.kafka.clients.Metadata:283)
[2019-11-14 00:05:28,440] ERROR [Consumer clientId=consumer-group-65, groupId=group] Topic authorization failed for topics [topic2] (org.apache.kafka.clients.Metadata:283)
Adding ACLs for resource `ResourcePattern(resourceType=CLUSTER, name=kafka-cluster, patternType=LITERAL)`: 
 	(principal=User:kafka, host=*, operation=CLUSTER_ACTION, permissionType=ALLOW) 

Current ACLs for resource `Cluster:LITERAL:kafka-cluster`: 
 	User:kafka has Allow permission for operations: ClusterAction from hosts: * 

Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=*, patternType=LITERAL)`: 
 	(principal=User:kafka, host=*, operation=READ, permissionType=ALLOW) 

Current ACLs for resource `Topic:LITERAL:*`: 
 	User:kafka has Allow permission for operations: Read from hosts: * 

Debug is  true storeKey true useTicketCache false useKeyTab true doNotPrompt false ticketCache is null isInitiator true KeyTab is /tmp/kafka8747414312546582585.tmp refreshKrb5Config is false principal is kafka/localhost@EXAMPLE.COM tryFirstPass is false useFirstPass is false storePass is false clearPass is false
principal is kafka/localhost@EXAMPLE.COM
Will use keytab
Commit Succeeded 

Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=e2e, patternType=PREFIXED)`: 
 	(principal=User:client, host=*, operation=DESCRIBE, permissionType=ALLOW)
	(principal=User:client, host=*, operation=READ, permissionType=ALLOW)
	(principal=User:client, host=*, operation=CREATE, permissionType=ALLOW)
	(principal=User:client, host=*, operation=WRITE, permissionType=ALLOW) 

Adding ACLs for resource `ResourcePattern(resourceType=GROUP, name=gr, patternType=PREFIXED)`: 
 	(principal=User:client, host=*, operation=READ, permissionType=ALLOW) 

Current ACLs for resource `Topic:PREFIXED:e2e`: 
 	User:client has Allow permission for operations: Read from hosts: *
	User:client has Allow permission for operations: Describe from hosts: *
	User:client has Allow permission for operations: Create from hosts: *
	User:client has Allow permission for operations: Write from hosts: * 

Current ACLs for resource `Group:PREFIXED:gr`: 
 	User:client has Allow permission for operations: Read from hosts: * 

Debug is  true storeKey true useTicketCache false useKeyTab true doNotPrompt false ticketCache is null isInitiator true KeyTab is /tmp/kafka9087269612476946936.tmp refreshKrb5Config is false principal is client@EXAMPLE.COM tryFirstPass is false useFirstPass is false storePass is false clearPass is false
principal is client@EXAMPLE.COM
Will use keytab
Commit Succeeded 

Adding ACLs for resource `ResourcePattern(resourceType=CLUSTER, name=kafka-cluster, patternType=LITERAL)`: 
 	(principal=User:kafka, host=*, operation=CLUSTER_ACTION, permissionType=ALLOW) 

Current ACLs for resource `Cluster:LITERAL:kafka-cluster`: 
 	User:kafka has Allow permission for operations: ClusterAction from hosts: * 

Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=*, patternType=LITERAL)`: 
 	(principal=User:kafka, host=*, operation=READ, permissionType=ALLOW) 

Current ACLs for resource `Topic:LITERAL:*`: 
 	User:kafka has Allow permission for operations: Read from hosts: * 

Debug is  true storeKey true useTicketCache false useKeyTab true doNotPrompt false ticketCache is null isInitiator true KeyTab is /tmp/kafka8309184149332187367.tmp refreshKrb5Config is false principal is kafka/localhost@EXAMPLE.COM tryFirstPass is false useFirstPass is false storePass is false clearPass is false
principal is kafka/localhost@EXAMPLE.COM
Will use keytab
Commit Succeeded 

Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=e2etopic, patternType=LITERAL)`: 
 	(principal=User:client, host=*, operation=DESCRIBE, permissionType=ALLOW)
	(principal=User:client, host=*, operation=CREATE, permissionType=ALLOW)
	(principal=User:client, host=*, operation=WRITE, permissionType=ALLOW) 

Current ACLs for resource `Topic:LITERAL:e2etopic`: 
 	User:client has Allow permission for operations: Describe from hosts: *
	User:client has Allow permission for operations: Create from hosts: *
	User:client has Allow permission for operations: Write from hosts: * 

Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=e2etopic, patternType=LITERAL)`: 
 	(principal=User:client, host=*, operation=DESCRIBE, permissionType=ALLOW)
	(principal=User:client, host=*, operation=READ, permissionType=ALLOW) 

Adding ACLs for resource `ResourcePattern(resourceType=GROUP, name=group, patternType=LITERAL)`: 
 	(principal=User:client, host=*, operation=READ, permissionType=ALLOW) 

Current ACLs for resource `Topic:LITERAL:e2etopic`: 
 	User:client has Allow permission for operations: Read from hosts: *
	User:client has Allow permission for operations: Describe from hosts: *
	User:client has Allow permission for operations: Create from hosts: *
	User:client has Allow permission for operations: Write from hosts: * 

Current ACLs for resource `Group:LITERAL:group`: 
 	User:client has Allow permission for operations: Read from hosts: * 

Debug is  true storeKey true useTicketCache false useKeyTab true doNotPrompt false ticketCache is null isInitiator true KeyTab is /tmp/kafka1141175465808765899.tmp refreshKrb5Config is false principal is client@EXAMPLE.COM tryFirstPass is false useFirstPass is false storePass is false clearPass is false
principal is client@EXAMPLE.COM
Will use keytab
Commit Succeeded 

Adding ACLs for resource `ResourcePattern(resourceType=CLUSTER, name=kafka-cluster, patternType=LITERAL)`: 
 	(principal=User:kafka, host=*, operation=CLUSTER_ACTION, permissionType=ALLOW) 

Current ACLs for resource `Cluster:LITERAL:kafka-cluster`: 
 	User:kafka has Allow permission for operations: ClusterAction from hosts: * 

Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=*, patternType=LITERAL)`: 
 	(principal=User:kafka, host=*, operation=READ, permissionType=ALLOW) 

Current ACLs for resource `Topic:LITERAL:*`: 
 	User:kafka has Allow permission for operations: Read from hosts: * 

Debug is  true storeKey true useTicketCache false useKeyTab true doNotPrompt false ticketCache is null isInitiator true KeyTab is /tmp/kafka4492820688667369631.tmp refreshKrb5Config is false principal is kafka/localhost@EXAMPLE.COM tryFirstPass is false useFirstPass is false storePass is false clearPass is false
principal is kafka/localhost@EXAMPLE.COM
Will use keytab
Commit Succeeded 

Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=e2etopic, patternType=LITERAL)`: 
 	(principal=User:client, host=*, operation=DESCRIBE, permissionType=ALLOW)
	(principal=User:client, host=*, operation=CREATE, permissionType=ALLOW)
	(principal=User:client, host=*, operation=WRITE, permissionType=ALLOW) 

Current ACLs for resource `Topic:LITERAL:e2etopic`: 
 	User:client has Allow permission for operations: Describe from hosts: *
	User:client has Allow permission for operations: Create from hosts: *
	User:client has Allow permission for operations: Write from hosts: * 

Adding ACLs for resource `ResourcePattern(resourceType=GROUP, name=group, patternType=LITERAL)`: 
 	(principal=User:client, host=*, operation=READ, permissionType=ALLOW) 

Current ACLs for resource `Group:LITERAL:group`: 
 	User:client has Allow permission for operations: Read from hosts: * 

Debug is  true storeKey true useTicketCache false useKeyTab true doNotPrompt false ticketCache is null isInitiator true KeyTab is /tmp/kafka7127417062223263778.tmp refreshKrb5Config is false principal is client@EXAMPLE.COM tryFirstPass is false useFirstPass is false storePass is false clearPass is false
principal is client@EXAMPLE.COM
Will use keytab
Commit Succeeded 

Adding ACLs for resource `ResourcePattern(resourceType=CLUSTER, name=kafka-cluster, patternType=LITERAL)`: 
 	(principal=User:kafka, host=*, operation=CLUSTER_ACTION, permissionType=ALLOW) 

Current ACLs for resource `Cluster:LITERAL:kafka-cluster`: 
 	User:kafka has Allow permission for operations: ClusterAction from hosts: * 

Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=*, patternType=LITERAL)`: 
 	(principal=User:kafka, host=*, operation=READ, permissionType=ALLOW) 

Current ACLs for resource `Topic:LITERAL:*`: 
 	User:kafka has Allow permission for operations: Read from hosts: * 

Debug is  true storeKey true useTicketCache false useKeyTab true doNotPrompt false ticketCache is null isInitiator true KeyTab is /tmp/kafka4842878770720273118.tmp refreshKrb5Config is false principal is kafka/localhost@EXAMPLE.COM tryFirstPass is false useFirstPass is false storePass is false clearPass is false
principal is kafka/localhost@EXAMPLE.COM
Will use keytab
Commit Succeeded 

Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=topic2, patternType=LITERAL)`: 
 	(principal=User:client, host=*, operation=DESCRIBE, permissionType=ALLOW)
	(principal=User:client, host=*, operation=CREATE, permissionType=ALLOW)
	(principal=User:client, host=*, operation=WRITE, permissionType=ALLOW) 

Current ACLs for resource `Topic:LITERAL:topic2`: 
 	User:client has Allow permission for operations: Describe from hosts: *
	User:client has Allow permission for operations: Create from hosts: *
	User:client has Allow permission for operations: Write from hosts: * 

Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=topic2, patternType=LITERAL)`: 
 	(principal=User:client, host=*, operation=DESCRIBE, permissionType=ALLOW)
	(principal=User:client, host=*, operation=READ, permissionType=ALLOW) 

Adding ACLs for resource `ResourcePattern(resourceType=GROUP, name=group, patternType=LITERAL)`: 
 	(principal=User:client, host=*, operation=READ, permissionType=ALLOW) 

Current ACLs for resource `Topic:LITERAL:topic2`: 
 	User:client has Allow permission for operations: Read from hosts: *
	User:client has Allow permission for operations: Describe from hosts: *
	User:client has Allow permission for operations: Create from hosts: *
	User:client has Allow permission for operations: Write from hosts: * 

Current ACLs for resource `Group:LITERAL:group`: 
 	User:client has Allow permission for operations: Read from hosts: * 

Debug is  true storeKey true useTicketCache false useKeyTab true doNotPrompt false ticketCache is null isInitiator true KeyTab is /tmp/kafka5625345472493495489.tmp refreshKrb5Config is false principal is client@EXAMPLE.COM tryFirstPass is false useFirstPass is false storePass is false clearPass is false
principal is client@EXAMPLE.COM
Will use keytab
Commit Succeeded 

Adding ACLs for resource `ResourcePattern(resourceType=CLUSTER, name=kafka-cluster, patternType=LITERAL)`: 
 	(principal=User:kafka, host=*, operation=CLUSTER_ACTION, permissionType=ALLOW) 

Current ACLs for resource `Cluster:LITERAL:kafka-cluster`: 
 	User:kafka has Allow permission for operations: ClusterAction from hosts: * 

Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=*, patternType=LITERAL)`: 
 	(principal=User:kafka, host=*, operation=READ, permissionType=ALLOW) 

Current ACLs for resource `Topic:LITERAL:*`: 
 	User:kafka has Allow permission for operations: Read from hosts: * 

Debug is  true storeKey true useTicketCache false useKeyTab true doNotPrompt false ticketCache is null isInitiator true KeyTab is /tmp/kafka5120046464615928618.tmp refreshKrb5Config is false principal is kafka/localhost@EXAMPLE.COM tryFirstPass is false useFirstPass is false storePass is false clearPass is false
principal is kafka/localhost@EXAMPLE.COM
Will use keytab
Commit Succeeded 

Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=*, patternType=LITERAL)`: 
 	(principal=User:client, host=*, operation=DESCRIBE, permissionType=ALLOW)
	(principal=User:client, host=*, operation=READ, permissionType=ALLOW)
	(principal=User:client, host=*, operation=CREATE, permissionType=ALLOW)
	(principal=User:client, host=*, operation=WRITE, permissionType=ALLOW) 

Adding ACLs for resource `ResourcePattern(resourceType=GROUP, name=*, patternType=LITERAL)`: 
 	(principal=User:client, host=*, operation=READ, permissionType=ALLOW) 

Current ACLs for resource `Topic:LITERAL:*`: 
 	User:client has Allow permission for operations: Write from hosts: *
	User:client has Allow permission for operations: Describe from hosts: *
	User:client has Allow permission for operations: Read from hosts: *
	User:kafka has Allow permission for operations: Read from hosts: *
	User:client has Allow permission for operations: Create from hosts: * 

Current ACLs for resource `Group:LITERAL:*`: 
 	User:client has Allow permission for operations: Read from hosts: * 

Debug is  true storeKey true useTicketCache false useKeyTab true doNotPrompt false ticketCache is null isInitiator true KeyTab is /tmp/kafka8065847533733093202.tmp refreshKrb5Config is false principal is client@EXAMPLE.COM tryFirstPass is false useFirstPass is false storePass is false clearPass is false
principal is client@EXAMPLE.COM
Will use keytab
Commit Succeeded 

Adding ACLs for resource `ResourcePattern(resourceType=CLUSTER, name=kafka-cluster, patternType=LITERAL)`: 
 	(principal=User:kafka, host=*, operation=CLUSTER_ACTION, permissionType=ALLOW) 

Current ACLs for resource `Cluster:LITERAL:kafka-cluster`: 
 	User:kafka has Allow permission for operations: ClusterAction from hosts: * 

Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=*, patternType=LITERAL)`: 
 	(principal=User:kafka, host=*, operation=READ, permissionType=ALLOW) 

Current ACLs for resource `Topic:LITERAL:*`: 
 	User:kafka has Allow permission for operations: Read from hosts: * 

Debug is  true storeKey true useTicketCache false useKeyTab true doNotPrompt false ticketCache is null isInitiator true KeyTab is /tmp/kafka5718433880170346361.tmp refreshKrb5Config is false principal is kafka/localhost@EXAMPLE.COM tryFirstPass is false useFirstPass is false storePass is false clearPass is false
principal is kafka/localhost@EXAMPLE.COM
Will use keytab
Commit Succeeded 

Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=e2etopic, patternType=LITERAL)`: 
 	(principal=User:client, host=*, operation=DESCRIBE, permissionType=ALLOW)
	(principal=User:client, host=*, operation=CREATE, permissionType=ALLOW)
	(principal=User:client, host=*, operation=WRITE, permissionType=ALLOW) 

Current ACLs for resource `Topic:LITERAL:e2etopic`: 
 	User:client has Allow permission for operations: Describe from hosts: *
	User:client has Allow permission for operations: Create from hosts: *
	User:client has Allow permission for operations: Write from hosts: * 

Adding ACLs for resource `ResourcePattern(resourceType=GROUP, name=group, patternType=LITERAL)`: 
 	(principal=User:client, host=*, operation=READ, permissionType=ALLOW) 

Current ACLs for resource `Group:LITERAL:group`: 
 	User:client has Allow permission for operations: Read from hosts: * 

Debug is  true storeKey true useTicketCache false useKeyTab true doNotPrompt false ticketCache is null isInitiator true KeyTab is /tmp/kafka2477903581865723182.tmp refreshKrb5Config is false principal is client@EXAMPLE.COM tryFirstPass is false useFirstPass is false storePass is false clearPass is false
principal is client@EXAMPLE.COM
Will use keytab
Commit Succeeded 

Adding ACLs for resource `ResourcePattern(resourceType=CLUSTER, name=kafka-cluster, patternType=LITERAL)`: 
 	(principal=User:kafka, host=*, operation=CLUSTER_ACTION, permissionType=ALLOW) 

Current ACLs for resource `Cluster:LITERAL:kafka-cluster`: 
 	User:kafka has Allow permission for operations: ClusterAction from hosts: * 

Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=*, patternType=LITERAL)`: 
 	(principal=User:kafka, host=*, operation=READ, permissionType=ALLOW) 

Current ACLs for resource `Topic:LITERAL:*`: 
 	User:kafka has Allow permission for operations: Read from hosts: * 

Debug is  true storeKey true useTicketCache false useKeyTab true doNotPrompt false ticketCache is null isInitiator true KeyTab is /tmp/kafka2468726472607360276.tmp refreshKrb5Config is false principal is kafka/localhost@EXAMPLE.COM tryFirstPass is false useFirstPass is false storePass is false clearPass is false
principal is kafka/localhost@EXAMPLE.COM
Will use keytab
Commit Succeeded 

Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=e2etopic, patternType=LITERAL)`: 
 	(principal=User:client, host=*, operation=DESCRIBE, permissionType=ALLOW)
	(principal=User:client, host=*, operation=CREATE, permissionType=ALLOW)
	(principal=User:client, host=*, operation=WRITE, permissionType=ALLOW) 

Current ACLs for resource `Topic:LITERAL:e2etopic`: 
 	User:client has Allow permission for operations: Describe from hosts: *
	User:client has Allow permission for operations: Create from hosts: *
	User:client has Allow permission for operations: Write from hosts: * 

Adding ACLs for resource `ResourcePattern(resourceType=GROUP, name=group, patternType=LITERAL)`: 
 	(principal=User:client, host=*, operation=READ, permissionType=ALLOW) 

Current ACLs for resource `Group:LITERAL:group`: 
 	User:client has Allow permission for operations: Read from hosts: * 

Debug is  true storeKey true useTicketCache false useKeyTab true doNotPrompt false ticketCache is null isInitiator true KeyTab is /tmp/kafka5732682815670095435.tmp refreshKrb5Config is false principal is client@EXAMPLE.COM tryFirstPass is false useFirstPass is false storePass is false clearPass is false
principal is client@EXAMPLE.COM
Will use keytab
Commit Succeeded 

Current ACLs for resource `Topic:LITERAL:e2etopic`: 
 	User:client has Allow permission for operations: Create from hosts: *
	User:client has Allow permission for operations: Write from hosts: * 

Current ACLs for resource `Topic:LITERAL:e2etopic`: 
 	User:client has Allow permission for operations: Create from hosts: * 

[2019-11-14 00:06:46,746] ERROR [Consumer clientId=consumer-group-72, groupId=group] Topic authorization failed for topics [e2etopic] (org.apache.kafka.clients.Metadata:283)
Adding ACLs for resource `ResourcePattern(resourceType=CLUSTER, name=kafka-cluster, patternType=LITERAL)`: 
 	(principal=User:kafka, host=*, operation=CLUSTER_ACTION, permissionType=ALLOW) 

Current ACLs for resource `Cluster:LITERAL:kafka-cluster`: 
 	User:kafka has Allow permission for operations: ClusterAction from hosts: * 

Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=*, patternType=LITERAL)`: 
 	(principal=User:kafka, host=*, operation=READ, permissionType=ALLOW) 

Current ACLs for resource `Topic:LITERAL:*`: 
 	User:kafka has Allow permission for operations: Read from hosts: * 

Debug is  true storeKey true useTicketCache false useKeyTab true doNotPrompt false ticketCache is null isInitiator true KeyTab is /tmp/kafka2013270490890764303.tmp refreshKrb5Config is false principal is kafka/localhost@EXAMPLE.COM tryFirstPass is false useFirstPass is false storePass is false clearPass is false
principal is kafka/localhost@EXAMPLE.COM
Will use keytab
Commit Succeeded 

Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=e2etopic, patternType=LITERAL)`: 
 	(principal=User:client, host=*, operation=DESCRIBE, permissionType=ALLOW)
	(principal=User:client, host=*, operation=CREATE, permissionType=ALLOW)
	(principal=User:client, host=*, operation=WRITE, permissionType=ALLOW) 

Current ACLs for resource `Topic:LITERAL:e2etopic`: 
 	User:client has Allow permission for operations: Describe from hosts: *
	User:client has Allow permission for operations: Create from hosts: *
	User:client has Allow permission for operations: Write from hosts: * 

Debug is  true storeKey true useTicketCache false useKeyTab true doNotPrompt false ticketCache is null isInitiator true KeyTab is /tmp/kafka2326244927512378494.tmp refreshKrb5Config is false principal is client@EXAMPLE.COM tryFirstPass is false useFirstPass is false storePass is false clearPass is false
principal is client@EXAMPLE.COM
Will use keytab
Commit Succeeded 

Adding ACLs for resource `ResourcePattern(resourceType=CLUSTER, name=kafka-cluster, patternType=LITERAL)`: 
 	(principal=User:kafka, host=*, operation=CLUSTER_ACTION, permissionType=ALLOW) 

Current ACLs for resource `Cluster:LITERAL:kafka-cluster`: 
 	User:kafka has Allow permission for operations: ClusterAction from hosts: * 

Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=*, patternType=LITERAL)`: 
 	(principal=User:kafka, host=*, operation=READ, permissionType=ALLOW) 

Current ACLs for resource `Topic:LITERAL:*`: 
 	User:kafka has Allow permission for operations: Read from hosts: * 

Debug is  true storeKey true useTicketCache false useKeyTab true doNotPrompt false ticketCache is null isInitiator true KeyTab is /tmp/kafka8457104099673983066.tmp refreshKrb5Config is false principal is kafka/localhost@EXAMPLE.COM tryFirstPass is false useFirstPass is false storePass is false clearPass is false
principal is kafka/localhost@EXAMPLE.COM
Will use keytab
Commit Succeeded 

Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=e2etopic, patternType=LITERAL)`: 
 	(principal=User:client, host=*, operation=DESCRIBE, permissionType=ALLOW) 

Current ACLs for resource `Topic:LITERAL:e2etopic`: 
 	User:client has Allow permission for operations: Describe from hosts: * 

Debug is  true storeKey true useTicketCache false useKeyTab true doNotPrompt false ticketCache is null isInitiator true KeyTab is /tmp/kafka2302048904671721331.tmp refreshKrb5Config is false principal is client@EXAMPLE.COM tryFirstPass is false useFirstPass is false storePass is false clearPass is false
principal is client@EXAMPLE.COM
Will use keytab
Commit Succeeded 

Adding ACLs for resource `ResourcePattern(resourceType=CLUSTER, name=kafka-cluster, patternType=LITERAL)`: 
 	(principal=User:kafka, host=*, operation=CLUSTER_ACTION, permissionType=ALLOW) 

Current ACLs for resource `Cluster:LITERAL:kafka-cluster`: 
 	User:kafka has Allow permission for operations: ClusterAction from hosts: * 

Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=*, patternType=LITERAL)`: 
 	(principal=User:kafka, host=*, operation=READ, permissionType=ALLOW) 

Current ACLs for resource `Topic:LITERAL:*`: 
 	User:kafka has Allow permission for operations: Read from hosts: * 

Debug is  true storeKey true useTicketCache false useKeyTab true doNotPrompt false ticketCache is null isInitiator true KeyTab is /tmp/kafka6086036635542397633.tmp refreshKrb5Config is false principal is kafka/localhost@EXAMPLE.COM tryFirstPass is false useFirstPass is false storePass is false clearPass is false
principal is kafka/localhost@EXAMPLE.COM
Will use keytab
Commit Succeeded 

Adding ACLs for resource `ResourcePattern(resourceType=GROUP, name=group, patternType=LITERAL)`: 
 	(principal=User:client, host=*, operation=READ, permissionType=ALLOW) 

Current ACLs for resource `Group:LITERAL:group`: 
 	User:client has Allow permission for operations: Read from hosts: * 

Debug is  true storeKey true useTicketCache false useKeyTab true doNotPrompt false ticketCache is null isInitiator true KeyTab is /tmp/kafka8629762638726138051.tmp refreshKrb5Config is false principal is client@EXAMPLE.COM tryFirstPass is false useFirstPass is false storePass is false clearPass is false
principal is client@EXAMPLE.COM
Will use keytab
Commit Succeeded 

[2019-11-14 00:07:19,447] ERROR [Producer clientId=producer-178] Topic authorization failed for topics [e2etopic] (org.apache.kafka.clients.Metadata:283)
[2019-11-14 00:07:19,472] ERROR [Consumer clientId=consumer-group-74, groupId=group] Topic authorization failed for topics [e2etopic] (org.apache.kafka.clients.Metadata:283)
Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=topic2, patternType=LITERAL)`: 
 	(principal=User:client, host=*, operation=DESCRIBE, permissionType=ALLOW)
	(principal=User:client, host=*, operation=CREATE, permissionType=ALLOW)
	(principal=User:client, host=*, operation=WRITE, permissionType=ALLOW) 

Current ACLs for resource `Topic:LITERAL:topic2`: 
 	User:client has Allow permission for operations: Describe from hosts: *
	User:client has Allow permission for operations: Create from hosts: *
	User:client has Allow permission for operations: Write from hosts: * 

Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=topic2, patternType=LITERAL)`: 
 	(principal=User:client, host=*, operation=DESCRIBE, permissionType=ALLOW)
	(principal=User:client, host=*, operation=READ, permissionType=ALLOW) 

Adding ACLs for resource `ResourcePattern(resourceType=GROUP, name=group, patternType=LITERAL)`: 
 	(principal=User:client, host=*, operation=READ, permissionType=ALLOW) 

Current ACLs for resource `Topic:LITERAL:topic2`: 
 	User:client has Allow permission for operations: Read from hosts: *
	User:client has Allow permission for operations: Describe from hosts: *
	User:client has Allow permission for operations: Create from hosts: *
	User:client has Allow permission for operations: Write from hosts: * 

Current ACLs for resource `Group:LITERAL:group`: 
 	User:client has Allow permission for operations: Read from hosts: * 

[2019-11-14 00:07:20,026] ERROR [Producer clientId=producer-178] Topic authorization failed for topics [e2etopic] (org.apache.kafka.clients.Metadata:283)
[2019-11-14 00:07:20,128] ERROR [Producer clientId=producer-178] Topic authorization failed for topics [e2etopic] (org.apache.kafka.clients.Metadata:283)
Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=e2etopic, patternType=LITERAL)`: 
 	(principal=User:client, host=*, operation=DESCRIBE, permissionType=ALLOW)
	(principal=User:client, host=*, operation=CREATE, permissionType=ALLOW)
	(principal=User:client, host=*, operation=WRITE, permissionType=ALLOW) 

Current ACLs for resource `Topic:LITERAL:e2etopic`: 
 	User:client has Allow permission for operations: Describe from hosts: *
	User:client has Allow permission for operations: Create from hosts: *
	User:client has Allow permission for operations: Write from hosts: * 

Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=e2etopic, patternType=LITERAL)`: 
 	(principal=User:client, host=*, operation=DESCRIBE, permissionType=ALLOW)
	(principal=User:client, host=*, operation=READ, permissionType=ALLOW) 

Adding ACLs for resource `ResourcePattern(resourceType=GROUP, name=group, patternType=LITERAL)`: 
 	(principal=User:client, host=*, operation=READ, permissionType=ALLOW) 

Current ACLs for resource `Topic:LITERAL:e2etopic`: 
 	User:client has Allow permission for operations: Read from hosts: *
	User:client has Allow permission for operations: Describe from hosts: *
	User:client has Allow permission for operations: Create from hosts: *
	User:client has Allow permission for operations: Write from hosts: * 

Current ACLs for resource `Group:LITERAL:group`: 
 	User:client has Allow permission for operations: Read from hosts: * 

[2019-11-14 00:07:21,067] ERROR [Consumer clientId=consumer-group-74, groupId=group] Topic authorization failed for topics [e2etopic] (org.apache.kafka.clients.Metadata:283)
Adding ACLs for resource `ResourcePattern(resourceType=CLUSTER, name=kafka-cluster, patternType=LITERAL)`: 
 	(principal=User:kafka, host=*, operation=CLUSTER_ACTION, permissionType=ALLOW) 

Current ACLs for resource `Cluster:LITERAL:kafka-cluster`: 
 	User:kafka has Allow permission for operations: ClusterAction from hosts: * 

Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=*, patternType=LITERAL)`: 
 	(principal=User:kafka, host=*, operation=READ, permissionType=ALLOW) 

Current ACLs for resource `Topic:LITERAL:*`: 
 	User:kafka has Allow permission for operations: Read from hosts: * 

Debug is  true storeKey true useTicketCache false useKeyTab true doNotPrompt false ticketCache is null isInitiator true KeyTab is /tmp/kafka3830268151830041256.tmp refreshKrb5Config is false principal is kafka/localhost@EXAMPLE.COM tryFirstPass is false useFirstPass is false storePass is false clearPass is false
principal is kafka/localhost@EXAMPLE.COM
Will use keytab
Commit Succeeded 

Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=e2etopic, patternType=LITERAL)`: 
 	(principal=User:client, host=*, operation=DESCRIBE, permissionType=ALLOW)
	(principal=User:client, host=*, operation=CREATE, permissionType=ALLOW)
	(principal=User:client, host=*, operation=WRITE, permissionType=ALLOW) 

Current ACLs for resource `Topic:LITERAL:e2etopic`: 
 	User:client has Allow permission for operations: Describe from hosts: *
	User:client has Allow permission for operations: Create from hosts: *
	User:client has Allow permission for operations: Write from hosts: * 

Adding ACLs for resource `ResourcePattern(resourceType=TOPIC, name=e2etopic, patternType=LITERAL)`: 
 	(principal=User:client, host=*, operation=DESCRIBE, permissionType=ALLOW)
	(principal=User:client, host=*, operation=READ, permissionType=ALLOW) 

Adding ACLs for resource `ResourcePattern(resourceType=GROUP, name=group, patternType=LITERAL)`: 
 	(principal=User:client, host=*, operation=READ, permissionType=ALLOW) 

Current ACLs for resource `Topic:LITERAL:e2etopic`: 
 	User:client has Allow permission for operations: Read from hosts: *
	User:client has Allow permission for operations: Describe from hosts: *
	User:client has Allow permission for operations: Create from hosts: *
	User:client has Allow permission for operations: Write from hosts: * 

Current ACLs for resource `Group:LITERAL:group`: 
 	User:client has Allow permission for operations: Read from hosts: * 

Debug is  true storeKey true useTicketCache false useKeyTab true doNotPrompt false ticketCache is null isInitiator true KeyTab is /tmp/kafka3967813509415878539.tmp refreshKrb5Config is false principal is client@EXAMPLE.COM tryFirstPass is false useFirstPass is false storePass is false clearPass is false
principal is client@EXAMPLE.COM
Will use keytab
Commit Succeeded

      Attachments

        Issue Links

          is a clone of

          Bug - A problem which impairs or prevents the functions of the product. KAFKA-9190 Server leaves connections with expired authentication sessions open

          • Major - Major loss of function.
          • Resolved

          Activity

            People

              Unassigned Unassigned
              bbejeck Bill Bejeck
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated: